面向IoV的无证书聚合签名方案

针对车联网信息交互中存在的车辆身份匿名性和消息认证安全问题,目前很多方案是通过双线对来构造的,计算效率较低、通信开销较大且存在密钥托管问题.提出了一种适用于车联网的基于无证书的聚合签名方案,车辆的密钥由KGC和车辆共同生成,避免了密钥托管问题.该方案没有使用双线性对运算,且支持聚合验证,签名长度不会随着车辆数量的增加呈现增长趋势,适合存储资源受限的设备.在随机预言机模型下,基于椭圆曲线上的离散对数问题,证明了该方案具有签名不可伪造性.通过性能分析,该方案具有较高的计算效率和较低的通信开销.     

Generic Transformation from Weakly to Strongly Unforgeable Signatures

Current techniques for transforming unforgeable signature schemes （the forged message has never been signed） to strongly unforgeable ones （the forged message could have been signed） require supplementary components to be added onto the original key pairs of the schemes. In addition, some of them can only be applied to a certain type of signature schemes. In this paper, we propose a new generic transformation technique which converts any unforgeable signature scheme into a strongly unforgeable one without modifying any component in the original key pair. This makes our technique especially compatible for practical use. Our technique is based on strong one-time signature schemes. We show that they can be constructed efficiently from any one-time signature scheme that is based on one-way functions. The performance of our technique also compares favorably with that of current ones. Besides, it is shown in this paper that our transformation can further be applied to schemes satisfying only a weak variant of unforgeability without any further modification. Furthermore, our technique can also be used for constructing strongly unforgeable signature schemes in other cryptographic settings which include certificateless signature, identity-based signature, and several others. To the best of our knowledge, similar extent of versatility is not known to be supported by any of those comparable techniques. Finally and of independent interest, we show that our generic transformation technique can be modified to an on-line/off-line signature scheme, which possesses a very efficient signing process.     

基于一次性环签名的区块链电子投票方案

针对当前电子投票系统在匿名性、透明性、公开计票等方面存在的问题,提出了一种基于一次性环签名和区块链的电子投票方案。通过引入一次性环签名解决了投票者匿名、重复投票、公开验证等问题,通过区块链技术解决了投票过程的公开透明问题,为保证任何人或机构无法在投票结束前获得投票中间结果,引入了匿名地址技术。为提高计票效率,采用密钥共享的方法,对计票算法进行了改进。通过安全和性能分析,该方案符合电子投票系统的基本安全标准。     

可证明安全的可变门限代理重签名方案

已有的大部分门限代理重签名方案的门限值是固定的,而可变门限代理重签名方案更符合实际应用的需求,即根据消息的重要性可灵活地选择不同的门限值进行门限重签名。在Ateniese G等人提出的代理重签名方案Sbi的基础上,利用中国剩余定理提出了一个具有短公开参数和签名长度的可变门限代理重签名方案,并给出了该方案的安全性证明。根据可变的门限值,每个代理者都能非交互地生成相应的重签名子密钥和验证公钥。与现有方案相比, 新方案占用通信带宽低、计算效率高。     

具有消息恢复的共享验证代理签名方案

提出了一个具有消息恢复的共享验证代理签名方案。在该方案中,把签名的验证权让[n]个验证人分享,使得指定验证组中的[t]个或更多验证人合作能从签名中恢复消息并能验证签名的有效性。该方案满足代理签名方案的安全要求,传送签名时无需传送消息,和其他代理签名方案相比,降低了通信开销;同时也降低了验证人欺骗的风险,万一遇到验证人欺骗,该方案能准确地检查出哪一个验证人在欺骗。     

An efficient short certificate-based signature scheme

Certificate-based cryptography combines the merits of traditional public key infrastructure (PKI) and identity-based cryptography. It does not have the key escrow problem in identity-based cryptography, and eliminates the certificate revocation problem and third-party queries in traditional PKI. In this paper, we first refine the security model of certificate-based signatures introduced in EuroPKI’07. We then present a short certificate-based signature scheme, which is proven to be existentially unforgeable against adaptive chosen message attacks in the random oracle model. Our scheme requires only one pairing operation (and three pre-computable pairing operations) in signature generation and verification. In addition, the signature size of our scheme is only one group element. To the best of our knowledge, the signature size of our scheme is the shortest and the computational cost is the lowest when compared with other concrete certificate-based signature schemes in the literature. This makes our scheme possess strong applicability in situations with limited bandwidth and power-constrained devices.     

基于椭圆曲线的高效分级群签名

为了满足现代电子商务和电子政务的高性能需求, 提出一种高效的分级群签名方案。方案通过对椭圆曲线签名方案进行改进, 避免了耗时的模逆、模乘运算, 并减少了一次点乘运算, 提高了签名和验证算法的效率。在此基础上构造了一个高效的群签名方案, 引入消息等级表, 提出了一个基于椭圆曲线的高效分级群签名方案。经分析表明, 该方案大大缩短了分级群签名和验证的时间, 与现有方案相比, 具有更高的效率和安全性, 同时具有椭圆曲线密码体制的优点, 适用于智能系统中, 实用性强。     

Design of DL-based certificateless digital signatures

Public-key cryptosystems without requiring digital certificates are very attractive in wireless communications due to limitations imposed by communication bandwidth and computational resource of the mobile wireless communication devices. To eliminate public-key digital certificate, Shamir introduced the concept of the identity-based (ID-based) cryptosystem. The main advantage of the ID-based cryptosystem is that instead of using a random integer as each user’s public key as in the traditional public-key systems, the user’s real identity, such as user’s name or email address, becomes the user’s public key. However, all identity-based signature (IBS) schemes have the inherent key escrow problem, that is private key generator (PKG) knows the private key of each user. As a result, the PKG is able to sign any message on the users’ behalf. This nature violates the “non-repudiation” requirement of digital signatures. To solve the key escrow problem of the IBS while still taking advantage of the benefits of the IBS, certificateless digital signature (CDS) was introduced. In this paper, we propose a generalized approach to construct CDS schemes. In our proposed CDS scheme, the user’s private key is known only to the user himself, therefore, it can eliminate the key escrow problem from the PKG. The proposed construction can be applied to all Discrete Logarithm (DL)-based signature schemes to convert a digital signature scheme into a CDS scheme. The proposed CDS scheme is secure against adaptive chosen-message attack in the random oracle model. In addition, it is also efficient in signature generation and verification.     

HORSIC: An efficient one-time signature scheme for wireless sensor networks

One-time signature schemes are promising candidates for broadcast authentication, which is an essential security primitive in wireless sensor networks. This paper proposes HORSIC, an efficient one-time signature scheme for broadcast authentication in wireless sensor networks. Different from previous one-time signature schemes, HORSIC can reduce the public key size and signature size simultaneously at the cost of increased overhead in key generation and signature verification.     

基于数字签名方案DSS/DSA的几种应用方案

随着计算机和网络通信技术的发展,数字签名技术得到了广泛的应用。文中以美国数字签名标准ＤＳＳ／ＤＳＡ为基础,设计了群体数字签名,数字签名的（ｔ,ｎ）共亨认证以及远程口令认证３种应用方案,即体数字允许多人分别签署同一份文件,然后所有的个体签名组成同一份群体签名。     

使用双线性对的自认证公钥盲签名

在盲签名方案中,消息和签名结果对签名人是不可见的。在自认证公钥签名中,验证签名有效性的同时,也验证了公钥的真实性。与已有的基于证书和基于身份的两种签名相比,自认证公钥体制具有通信代价低、计算量少的优点。结合盲签名和自认证公钥签名,使用双线性对,首次构造了一种高效的自认证公钥盲签名方案。分析表明,新方案不仅是安全的,而且其效率也非常高。     

基于公钥自证明的认证加密方案

首先提出了一种基于公钥自证明的认证加密方案。该方案采用用户注册协议动态地完成用户向CA的匿名身份注册,并获取由CA和用户共同产生的公钥的证明,据此可以计算用户的公开密钥;通信双方使用公钥的自证明协议,动态地完成对彼此公钥的自证明;信息的接收者可以从签名中恢复原消息,这样,签名方案既具有身份鉴别作用,又具有信息保密性。其次,针对消息分块情况,给出了一种具有消息链接恢复的基于公钥自证明的认证加密方案。与文眼11演的结果相比,本文给出的方案具有实现了第三层次信任等级的自证明认证、较少的计算时间开销和较高的安全性等优点。     

抗合谋攻击的服务器辅助验证签名方案

服务器辅助验证签名能有效降低签名验证的计算量,非常适用于计算能力较弱的低端计算设备,但大多数标准模型下的服务器辅助验证签名方案不能抵抗服务器和签名者的合谋攻击。为了改进服务器辅助验证签名方案的安全性能,提出了一个新的服务器辅助验证签名方案,并在标准模型下证明了新方案在合谋攻击和选择消息攻击下是安全的。分析结果表明,新方案有效减少了双线性对的计算量,大大降低了签名验证算法的计算复杂度,在效率上优于已有的同类签名方案。     

一个高效的基于证书数字签名方案

基于证书公钥密码学是Gentry在Eurocrypt 2003上首次提出的,它克服了传统公钥系统中存在的证书管理问题和基于身份公钥系统中存在的密钥托管问题。基于计算性Diffie-Hellman假设,构造一个Shnorr型的高效的基于证书数字签名方案,并在随机预言机模型（Random Oracle Model）下证明其安全性。该方案在签名算法中不需要任何双线性对运算,在签名验证算法中只需要一个双线性对运算,在效率上优于已有的基于证书数字签名方案。     

一个一次性多重签名方案

一次性签名自从提出以来得到了广泛研究和应用,特别是最近,它被研究用于组播源认证和流签名问题,得到了很好的效果。而面向群体的数字签名。是另一类十分有用的数字签名,它在复杂的应用中很好地满足了针对某个群体的特殊应用的需要。结合两者可以充分利用两者的优势。近年来,陆续有人提出了代理一次性签名和门限一次性签名等。本文先提出一个可恢复消息的一次性签名方案,然后用这个一次性签名方案构造了一个一次性多重签名方案。     

ID-based proxy signature scheme with message recovery

A proxy signature scheme, introduced by Mambo, Usuda and Okamoto, allows an entity to delegate its signing rights to another entity. Identity based public key cryptosystems are a good alternative for a certificate based public key setting, especially when efficient key management and moderate security are required. From inception several ID-based proxy signature schemes have been discussed, but no more attention has been given to proxy signature with message recovery. In this paper, we are proposing provably secure ID-based proxy signature scheme with message recovery and we have proved that our scheme is secure as existential forgery-adaptively chosen message and ID attack. As proposed scheme is efficient in terms of communication overhead and security, it can be a good alternative for certificate based proxy signatures, used in various applications such as wireless e-commerce, mobile agents, mobile communication and distributed shared object systems, etc.     

基于区块链与国密SM9的抗恶意KGC无证书签名方案

无证书密码体制能同时解决证书管理和密钥托管问题,但其安全模型中总是假设TypeⅡ敌手（恶意密钥生成中心（KGC））不会发起公钥替换攻击,这一安全性假设在现实应用中具有一定的局限性。国密SM9签名方案是一种高效的标识密码方案,它采用了安全性好、运算速率高的R-ate双线性对,但需要KGC为用户生成和管理密钥,存在密钥托管问题。针对以上问题,基于区块链和国密SM9签名方案提出一种抗恶意KGC无证书签名方案。所提方案基于区块链的去中心化、不易篡改等特性,使用智能合约将用户秘密值对应的部分公钥记录在区块链上,在验签阶段,验证者通过调用智能合约查询用户公钥,从而保证用户公钥的真实性。用户私钥由KGC生成的部分私钥和用户自己随机选取的秘密值构成,用户仅在首次获取私钥时由KGC为其生成部分私钥来对其身份标识符背书。随后可以通过更改秘密值及其存证于区块链的部分公钥实现私钥的自主更新,在此过程中身份标识保持不变,为去中心化应用场景提供密钥管理解决方法。区块链依靠共识机制来保证分布式数据的一致性,用户部分公钥的变更日志存储在区块链中,基于区块链的可追溯性,可对恶意公钥替换攻击行为进行溯源,从而防止恶意KG...     

一种基于身份的N-R消息恢复盲签名方案

消息恢复签名方案因其具有消息恢复能力而具有特殊的意义,本文在基于身份的公钥密码体制的基础上,提出了一种基于身份的消息恢复盲签名方案。本文最后证明了该方案的正确性,并进行了效率和安全性分析。     

基于SM2联合签名的电子发票公开验证方案

为解决当前电子发票防伪困难、隐私泄露、验证效率低等问题,针对全程无纸化的电子发票文件,提出了一种基于国密签名算法的电子发票公开验证架构。面向电子发票文件数据来源复杂、票面用户信息敏感、数据流转频繁等特征及电子发票高效公开查验需求,在电子发票服务架构下设计电子发票生成及查验协议,基于无证书联合签名提出发票防伪签名码生成方案,实现开票方与税务主管部门的多重数据核验与签名,支持各类型的发票持有者对电子发票的真伪及数据完整性进行公开查验。融合数据加密算法对电子发票中的用户隐私数据进行保护,同时可满足各类发票应用场景下的真伪或状态验证需求,解决了当前电子发票文件中用户消费信息等敏感数据在传递中泄露的问题,突破了电子发票仅能通过在线系统核对真伪的局限。查验方仅需验证单次签名即可确认开票方及主管部分等双方签名的电子发票真伪性,同时利用公钥加密实现了隐私数据,方案中使用国密算法符合电子发票应用需求。调用Scyther安全仿真工具对方案安全性进行分析,在各类攻击下可安全验证数据的完整性及来源真实性并保证隐私数据的保密性。在查验计算开销及发票文件数据量两方面,与国外已实行的典型电子发票查验方案及同类型基于...