Similar literature
Found 20 similar documents; search took 15 ms
1.
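Existing authentication schemes for low-Earth-orbit (LEO) satellite networks suffer from high authentication delay, because they use centralized authentication, and from high computational overhead, because they rely on complex bilinear maps. To address these problems, a certificateless authentication model is introduced and an efficient certificateless authentication scheme is designed on the basis of the Gayathri scheme. The scheme binds a user's public key to the user's real identity, so no third party needs to take part in authentication, which reduces authentication delay. Authentication messages are constructed from a small number of point multiplications and point additions on an elliptic curve, which avoids bilinear maps and reduces computational overhead. The security of the scheme is proved in the random oracle model under the elliptic curve discrete logarithm problem assumption. Finally, simulation experiments show that, compared with existing LEO satellite identity authentication schemes, the proposed scheme has lower authentication delay, computational overhead and communication overhead.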

2.
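In most existing aggregate signcryption schemes, an arbitrary user aggregates the signcryptions after they have been produced. To improve the efficiency of aggregate signcryption, a new certificateless aggregate signcryption scheme based on the exclusive OR (XOR) operation is designed. The scheme allows any user to be designated in advance as the aggregator; the aggregator initiates the signcryption protocol, each user signcrypts a message, and the aggregator then aggregates the results. The scheme is proved to satisfy unforgeability and confidentiality in the random oracle model. Compared with several existing aggregate signcryption schemes, the proposed scheme has the advantage of high computational efficiency.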

3.
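Existing aggregate signcryption schemes are mainly built on complex bilinear pairings, are computationally inefficient, and are poorly suited to application environments with limited computing resources and communication bandwidth. To improve the efficiency of aggregate signcryption, a certificateless aggregate signcryption scheme without bilinear pairings is proposed. Based on the hardness of the computational Diffie-Hellman problem (CDHP) and the discrete logarithm problem (DLP), the scheme is proved to satisfy confidentiality and unforgeability in the random oracle model. The scheme uses no bilinear pairing or exponentiation operations and needs only 2 point multiplications in the single signcryption phase; compared with existing typical aggregate signcryption schemes, it has higher computational efficiency and shorter ciphertexts. Moreover, the aggregate signcryption verification phase requires no secret information from any user, so the scheme is publicly verifiable. In addition, the partial private key generation phase requires no secure channel, which reduces communication complexity.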

4.
The notion of certificateless cryptography aims to eliminate the use of certificates in traditional public key cryptography and also to solve the key-escrow problem in identity-based cryptography. Many kinds of security models have been designed for certificateless cryptography and many new schemes have been introduced based on the correspondence of the security models. Generally speaking, a stronger security model can ensure a certificateless cryptosystem with a higher security level, but a realistic model can lead to a more efficient scheme. In this paper, we focus on the efficiency of a certificateless signature (CLS) scheme and introduce an efficient CLS scheme with short signature size. On one hand, the security of the scheme is based on a realistic model. In this model, an adversary is not allowed to get any valid signature under false public keys. On the other hand, our scheme is as efficient as the BLS short signature scheme in both communication and computation and, therefore, turns out to be more efficient than other CLS schemes proposed so far. We provide a rigorous security proof of our scheme in the random oracle model. The security of our scheme is based on the k-CAA hard problem and a newly discovered hard problem, namely the modified k-CAA problem. Our scheme can be applied to systems where signatures are typed in by humans or systems with low-bandwidth channels and/or low computation power.

5.
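Existing certificateless aggregate signature (CLAS) schemes with fixed signature length either have security flaws or incur high communication overhead. An improved CLAS scheme is proposed in which the aggregator chooses a random parameter over the integers in place of state information and broadcasts it to all signers. In the random oracle model, the security of the improved scheme is reduced to a polynomial-time adversary solving the computational Diffie-Hellman (CDH) problem, so the scheme is provably secure. Comparative analysis shows that the state-information agreement phase of the improved CLAS scheme needs only 1 broadcast, so its communication overhead is lower and it is easy to implement. The improved scheme can be used to build many-to-one authentication schemes in resource-constrained network environments.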

6.
Design of DL-based certificateless digital signatures   Total citations: 1, self-citations: 0, citations by others: 1
Public-key cryptosystems that do not require digital certificates are very attractive in wireless communications due to the limitations imposed by the communication bandwidth and computational resources of mobile wireless communication devices. To eliminate public-key digital certificates, Shamir introduced the concept of the identity-based (ID-based) cryptosystem. The main advantage of the ID-based cryptosystem is that instead of using a random integer as each user's public key as in traditional public-key systems, the user's real identity, such as the user's name or email address, becomes the user's public key. However, all identity-based signature (IBS) schemes have the inherent key escrow problem, that is, the private key generator (PKG) knows the private key of each user. As a result, the PKG is able to sign any message on the users' behalf. This violates the "non-repudiation" requirement of digital signatures. To solve the key escrow problem of the IBS while still taking advantage of the benefits of the IBS, the certificateless digital signature (CDS) was introduced. In this paper, we propose a generalized approach to construct CDS schemes. In our proposed CDS scheme, the user's private key is known only to the user himself; therefore, it can eliminate the key escrow problem from the PKG. The proposed construction can be applied to all Discrete Logarithm (DL)-based signature schemes to convert a digital signature scheme into a CDS scheme. The proposed CDS scheme is secure against adaptive chosen-message attack in the random oracle model. In addition, it is also efficient in signature generation and verification.

7.
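Most existing proxy re-signature schemes are built on certificate-based or identity-based cryptosystems and suffer from problems such as certificate management and key escrow. To overcome the strong security dependence and high computational overhead of existing proxy re-signature schemes, a certificateless proxy re-signature scheme with an aggregation property is designed by combining proxy re-signature with certificateless public key cryptography. It can aggregate signatures or re-signatures on a set of arbitrary length into a single signature on the set, which effectively reduces the computational cost of signature verification and the communication cost. The analysis shows that the new scheme has short signature and re-signature lengths and is existentially unforgeable under the k MCDH assumption.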

8.
Aggregate signatures are useful in special areas where the signatures on many different messages generated by many different users need to be compressed. In this paper, we study aggregate signatures in certificateless public key settings. We first present the notion and security model of certificateless aggregate signature schemes. Then we give an efficient certificateless aggregate signature scheme. Our scheme is existentially unforgeable under adaptive chosen-message attacks assuming the computational Diffie–Hellman problem is hard.

9.
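To let multiple parties sign the same document efficiently, certificateless cryptography is combined with a multi-signature scheme and an efficient certificateless multi-signature scheme is proposed. The scheme effectively weakens the power of the trusted third party and is proved to be existentially unforgeable under adaptive chosen-message attacks, with its security based on the hardness assumption of the CDH problem. Compared with existing schemes, it requires fewer bilinear pairing computations, which lowers system overhead.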

10.
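An efficient certificateless signature scheme   Total citations: 3, self-citations: 1, citations by others: 2
Traditional digital signature schemes incur high overhead for storing and managing certificates, and identity-based digital signature schemes cannot solve their inherent key escrow problem. Certificateless signature schemes need no public key certificates and have no key escrow problem, and are currently an active research topic. A certificateless signature scheme is designed based on bilinear maps, and its security is proved in the random oracle model. The scheme needs two bilinear map operations in total across the signing and verification phases, so it is efficient to execute. Its security rests on the hardness assumption of the computational Diffie-Hellman problem. Performance analysis shows that the designed signature scheme is efficient to execute while preserving security.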

11.
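An effective certificateless signature scheme   Total citations: 1, self-citations: 0, citations by others: 1
Hong Dongzhao (洪东招), Xie Qi (谢琪). Journal of Computer Applications (《计算机应用》), 2010, 30(7): 1809-1811
To solve the key escrow problem of identity-based cryptosystems and the public key authentication problem of traditional public key cryptosystems, a certificateless signature scheme is proposed by modifying the private key and public key generation algorithms of the efficient identity-based signature scheme proposed by Barreto et al. The scheme is provably secure in the random oracle model and is also efficient, requiring only one pairing operation.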

12.
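Certificateless cryptography not only eliminates the certificate management problem of traditional public key cryptography but also solves the key leakage problem of identity-based cryptography. A signcryption scheme combines the functions of public key encryption and digital signature and can provide message confidentiality and authentication at the same time. A new certificateless signcryption scheme is proposed that needs 1 pairing operation for signcryption and only 3 pairing operations for unsigncryption. Compared with existing schemes, the new scheme is more efficient. In terms of security, the new scheme satisfies confidentiality, unforgeability and public verifiability.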

13.
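Certificateless signature schemes simplify the need for public key certificates in traditional public key infrastructure (PKI), and must take public key replacement attacks into account. Through an analysis of the Ming-Wang scheme, the Li-Cheng-Sun scheme and the Cao-Paterson-Kou scheme, it is pointed out that the approach used in all three schemes, replacing the user's single public key with a public key pair, cannot resist public key replacement attacks. A "binding" technique is used to improve this class of schemes; the improved schemes conform to the Rafael-Ricardo general model for certificateless schemes and can resist public key replacement attacks. Finally, it is pointed out that, when designing a certificateless signature scheme, an identity-based signature scheme cannot be applied directly, and attention must be paid to the environment requirements of certificateless signature schemes.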

14.
Simulatability and security of certificateless threshold signatures   Total citations: 1, self-citations: 0, citations by others: 1
We analyze the relationship between the notion of certificateless public key cryptography (CL-PKC) and identity-based schemes without a trusted private key generator (PKG), formally define the security of certificateless threshold signatures, and propose a concrete implementation based on bilinear pairings. To exhibit the security of our proposal, we develop the theory of simulatability and the relationship between the certificateless threshold signatures and the underlying (non-threshold) ID-based signatures. We show that the proposed scheme is robust and existentially unforgeable against adaptively chosen message attacks under the CDH assumption in the random oracle model.

15.
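In Mobile IP, the openness of the wireless link and the mobility of nodes pose potential security threats to the registration of mobile nodes. To address the registration security of mobile nodes, a USBKey-assisted registration authentication protocol is proposed. The protocol uses a USBKey to protect the mobile node's private key in order to strengthen the security of mobile registration, and combines digital envelope and digital signature techniques to authenticate the identities of the protocol entities involved and to protect the registration information. The analysis shows that the protocol ensures the integrity and confidentiality of registration information, effectively resists common security attacks, secures mobile node registration, and has a lower registration authentication delay than most related protocols.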

16.
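Zhang Yulei (张玉磊), Wang Caifen (王彩芬). Journal of Computer Applications (《计算机应用》), 2010, 30(12): 3337-3340
Based on the advantages of certificateless public key cryptography and the requirements of digital multi-signatures, an efficient certificateless parallel multi-signature scheme is designed. The number of pairing operations the scheme needs is independent of the number of users, so it is more efficient than other multi-signature schemes based on bilinear pairings. In the random oracle model, under the computational Diffie-Hellman hardness assumption, the scheme is proved to resist the two types of attacks in certificateless parallel multi-signatures.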

17.
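Efficient and secure certificateless partially blind signature   Total citations: 1, self-citations: 0, citations by others: 1
A certificateless partially blind signature scheme is proposed together with its formal security model, solving the problem that the public information in the partially blind signature scheme proposed by Yu Dan et al. can be tampered with. The correctness and partial blindness of the new scheme are analyzed, and its security is proved in the random oracle model. In the new scheme, the key generation center no longer needs a trusted secure channel when interacting with users, which better matches practical applications. In addition, by precomputing e(P,P)=g as a public system parameter, the scheme does not need the special MapToPoint hash function, which improves its efficiency. The scheme is compared with existing certificateless partially blind signatures in terms of efficiency, and the experimental results show that it is more efficient than existing schemes.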

18.
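An effective certificateless proxy signature scheme   Total citations: 2, self-citations: 0, citations by others: 2
An effective certificateless proxy signature scheme is designed using bilinear maps. A formal security proof is given for the scheme in the strongest security model. Its security is based on the hardness of the computational Diffie-Hellman problem. The analysis shows that the new scheme satisfies security properties such as verifiability, strong undeniability, strong identifiability and prevention of signature misuse. Given its security, its efficiency and its freedom from certificate management, the scheme can be widely applied in areas such as e-commerce and mobile agent systems.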

19.
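The certificateless aggregate signature scheme proposed by Hou Hongxia et al. is analyzed and shown to be insecure: it cannot resist attacks by the second type of adversary. The scheme is improved and a new certificateless aggregate signature scheme is proposed; using the Diffie-Hellman hard problem, the new scheme is proved to be existentially unforgeable in the random oracle model. Efficiency analysis shows that the new scheme needs only 3 pairing operations and n scalar multiplications in signature verification, and is more efficient and more secure than existing schemes.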

20.
A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer within a given context. It has many practical applications in distributed systems, grid computing, mobile agent applications, distributed shared object systems, global distribution networks, and mobile communications. In recent years, fruitful achievements have been seen in certificateless public key cryptography, which has the advantages of no certificate management and no key escrow compared with traditional public key cryptography and identity-based public key cryptography respectively. However, the existing certificateless proxy signature schemes are either insecure or lack formal security analysis. In this paper, we formalize the security model of certificateless proxy signature schemes and propose a provably secure certificateless proxy signature scheme with formal security proof under the computational Diffie–Hellman assumption.
