匿名CLPKC-TPKI异构签密方案

异构签密可以保证不同公钥密码系统之间数据传输的机密性和不可伪造性。本文定义了从无证书公钥密码环境到传统公钥密码环境（CLPKC→TPKI）异构签密方案的形式化模型，并利用双线性对提出了一个CLPKC→TPKI异构签密方案。在随机预言模型下，基于计算Diffie-Hellman和修改逆计算Diffie-Hellman困难假设，证明方案满足内部安全的机密性和不可伪造性。同时，方案满足密文匿名性，可以有效地保护收发双方的身份隐私。方案使用不同的密码系统参数，更接近于实际应用环境。与已有异构签密方案相比，方案的效率较高，适合于收发双方身份保密和带宽受限的应用需求。

CLPKC-to-TPKI Heterogeneous Signcryption Scheme with Anonymity

Heterogeneous signcryption,a cryptographic primitive,can simultaneously provide the confidentiality and unforgeability of data transmission between different public key cryptography.The paper gives the definition and security models of CLPKC-to-TPKI heterogeneous signcryption scheme between CLPKC (Certificateless Public Key Cryptography) and TPKI (Traditional Public Key Infrastructure),and presents a construction by using the bilinear pairing.In the random oracle model,based on the assumptions of Computational Diffie-Hellman and modifying Inverse Computational Diffie-Hell-man,the scheme is proved to satisfy the confidentiality and unforgeability of the insider security.Moreover,it satisfies the properties of ciphertext anonymity which can efficiently protect the privacies of sender and receiver.Owing to the independ-ence and difference of the system parameters in CLPKC and TPKI,the scheme is more suitable in the practical environ-ments.Furthermore,the analysis of efficiency shows that,comparing to the existing heterogeneous signcryption schemes,the scheme is more efficient,so it is suitable for the requirements of identity hiding and constrained bandwidth.