可证安全的无证书群签名方案

提出一个安全有效的无证书群签名方案。该方案满足群签名的各种安全性要求,还允许用户动态地加入与离开且不需更新群公钥和其他群成员的签名私钥。群签名的长度不依赖于群成员的数目。它的安全性建立在计算Differ-Hellman问题的困难性之上。     

新型的基于DLP的无证书签名方案

大多数的无证书签名方案是基于椭圆曲线的,基于Schnorr签名提出了一个新的没有对的无证书签名方案。在离散对数假设下,证明了该方案是计算上不可伪造的。该方案不需要公钥证书来验证用户的公钥,解决了基于身份签名方案中的密钥托管问题。     

一种前向安全的无证书代理盲签名方案

为了解决密钥泄漏问题,提出一种前向安全的无证书代理盲签名方案,采用密钥不断更新的方法,保证了代理盲签名方案的前向安全性。当代理签名者的代理密钥泄漏后,以前所产生的代理盲签名依然有效,从而减少了密钥泄漏对系统带来的损失。同时该方案采用了无证书公钥密码体制,避免了基于证书密码系统的证书管理问题,解决了基于身份的密钥托管问题。     

Efficient Certificateless Aggregate Signature Scheme

In ubiquitous computing, data should be able to be accessed from any location, and the correctness of data becomes vital during the communication. Suppose that many users sign different messages respectively, before forwarding or sending these messages, then the verifier must spend a lot of computing time to verify their signatures. Consequently, the aggregate signature scheme is an effective method of improving efficiency in this kind of systems, which provides the convenience for the verifier. In this paper, we propose a new certificateless aggregate signature scheme which is efficient in generating a signature and verification. This scheme is provably secure under the extended computational Diffie-Hellman assumption.     

基于SM2的无证书加密算法

无证书密码系统中无需证书来管理公钥,同时没有标识密码系统中的密钥委托功能.本文描述一种基于SM2加密算法构造的无证书加密算法,并在随机谕示和代数群模型下证明其安全性可以规约到Gap-Diffie-Hellman复杂性假设.因此构造的算法具有可证明安全性,并可基于已有SM2算法部件快速部署等优势.采用该算法的密码系统具有简洁的密钥管理、高效的算法实现,非常适合物联网等需要轻量级公钥算法的应用场景.     

An efficient certificateless key exchange protocol for heterogeneous networks in human-centered IoT systems

Human-centered Internet of things (IoT) systems enable human beings to enjoy the ubiquitous services and play more and more important roles in our life. A common application scenario in human-centered IoT systems is that two distributed wireless devices from heterogeneous networks want to communicate with each other. However, key generation centers (KGCs) from different networks usually use independent security parameters. It is difficult for two users with different security parameters to establish a common session key. We propose a certificateless key exchange protocol for two different devices managed by different KGCs to address the issue. The security of the proposed protocol is conducted in the random oracle model with the hardness assumption of elliptic curve computational Diffie-Hellman (ECDH) problem. The main merits of our protocol include the following: (a) it enables users from heterogeneous networks to establish upon a shared session key, (b) it can solve the key escrow problem, (c) it does not use bilinear pairings and obtains computational efficiency, and (d) it achieves stronger security compared with other related protocols.