计算机科学 ›› 2020, Vol. 47 ›› Issue (9): 304-310.doi: 10.11896/jsjkx.200500002

• 信息安全 • 上一篇    下一篇

无双线性对的无证书签名方案及其在配电网中的应用

刘帅, 陈建华   

  1. 武汉大学数学与统计学院 武汉430072
  • 收稿日期:2020-05-06 发布日期:2020-09-10
  • 通讯作者: 陈建华(chenjh_ecc@163.com)
  • 作者简介:shuai_liu@whu.edu.cn

Certificateless Signature Scheme Without Bilinear Pairings and Its Application in Distribution Network

LIU Shuai, CHEN Jian-hua   

  1. School of Mathematics and Statistics,Wuhan University,Wuhan 430072,China
  • Received:2020-05-06 Published:2020-09-10
  • About author:LIU Shuai,born in 1995,postgraduate.His main research interests include elliptic curve cryptography and information security.
    CHEN Jian-hua,born in 1964,Ph.D,professor,Ph.D supervisor.His main research interests include cryptography and information security.

摘要: 无证书密码体制解决了传统公钥密码体制存在的公钥证书管理复杂的问题,以及基于身份的密码体制存在的密钥托管问题。因此,文中提出了一种基于椭圆曲线的无双线性对的无证书签名方案,在随机预言机模型以及椭圆曲线离散对数困难问题假设下,利用分叉引理(The Forking Lemma)证明了该方案可以抵抗第一类强敌手和第二类敌手的攻击。然后,将该方案与2016年以来提出的其他4种基于椭圆曲线的无证书签名方案在理论上进行性能比较,并采用C语言实现所有签名方案,对所有方案进行效率比较。实验结果表明,该方案与Jia方案相比平均总耗时相近,与Hassouna方案、Zhang方案和Karati方案相比,平均总耗时分别减少了约51.0%,10.4%和22.1%,说明所提方案的总效率具有一定的优势。最后,将提出的签名方案应用到配电网Modbus TCP(Transmission Control Protocol)模式通信的报文认证中,对提出的认证协议进行了安全性分析,结果表明其可以抵抗重放攻击、伪装攻击和中间人攻击。

关键词: Modbus 报文, 分叉引理, 配电网, 椭圆曲线离散对数问题, 无双线性对, 无证书签名

Abstract: The certificateless cryptosystem solves the complex problem of public key certificate management in the traditional public key cryptosystem and the problem of key escrow in the identity based cryptosystem.This paper proposes a certificateless signature scheme based on the elliptic curve with no bilinear pairings.Under the assumption of random oracle model and the difficulty of elliptic curve discrete logarithm,by using the bifurcation lemma (the Forking lemma),this paper proves that the scheme can resist the attack of the first class of strong adversaries and the second class of adversaries.Then,the performance of the scheme is compared with that of the other four certificateless signature schemes based on elliptic curve proposed since 2016,and all signature schemes are implemented by C language,and the efficiency of all schemes is compared.The results show that the ave-rage total time consumption of the proposed scheme is similar to that of Jia scheme,and compared with that of Hassouna scheme,Zhang scheme and Karati scheme,the average total time consumption are decreased by 51.0%,10.4% and 22.1% respectively,which shows that the total efficiency of this scheme has some advantages.Finally,the signature scheme of this paper is applied to the message authentication of Modbus TCP (Transmission Control Protocol) communication in distribution network.The security analysis of the proposed authentication protocol shows that the proposed scheme can resist replay attack,camouflage attack and man in the middle attack.

Key words: Certificateless signature, Distribution network, Elliptic curve discrete logarithm problem, Modbus message, No bilinear pairings, The Forking Lemma

中图分类号: 

  • TN918
[1] PIATKOWSKA E,BAJRAKTARI A,CHHAJED D,et al.Tool support for data protection impact assessment in the smart grid[J].Elektrotechnik und Information stechnik,2017,134(1):26-29.
[2] DENG W,WEN K,ZHANG H,et al.Design and analysis of data encryption and authentication scheme for distribution grid[J].Computer Engineering & Software,2017,38(6):17-23.
[3] AL-RIYAMI S,PATERSON K G.Certificateless public keycryptography[C]//Advances in Cryptology-ASIACRYPT’03.Berlin:Springer-Verlag,2003.
[4] ZOU X F,XIAO Y X.Modbus telegram security of distribution network based on SM2[J].Power System Protection and Control,2018,46(12):151-157.
[5] QIU F,CHEN LL,LIN N,et al.Security analysis and improvement of Modbus message in distribution network based on SM9 [J].China Power,2019,52 (10):18-25.
[6] ZHANG Z H,ZHOU J,DING K,et al.The Applications of Asymmetric Encryption of Digital Signature Technology in Distribution Automation System[J].Electrical Automation,2012(3):43-45.
[7] ENGE A.Elliptic Curves and Their Applications to Cryptography-An Introduction[M].Kluwer Academic Publishers,1999:39-40.
[8] WU T,JING X J.Cryptanalysis and Improvement of a Certificateless Signature Scheme with Strong Unforgeability[J].Acta Electronica Sinica,2018,46(3):602-606.
[9] HUANG X,Mu Y,SUSILO W,et al.Certificateless Signature Revisited[C]// Australasian Conference on Information Security & Privacy.Washington D.C.,USA:IEEE Press,2007:308-322.
[10] POINTCHEVAL D,STERN J.Security Arguments for Digital Signatures and Blind Signatures[J].Journal of Cryptology,2000,13(3):361-396.
[11] HE D B,CHEN J H,ZHANG R.An efficient and provably-secure certificateless signature scheme without bilinear pairings[J].International Journal of Communication Systems,2011,25(11):1432-1442.
[12] HASSOUNA M,BASHIER E,BARRY B.A Strongly SecureCertificateless Digital Signature Scheme in The Random Oracle Model[J].International Journal of Network Security,2016,18(5):938-945.
[13] ZHANG Y,DENG R,ZHENG D,et al.Efficient and Robust Certificateless Signature for Data Crowdsensing in Cloud-assisted Industrial IoT[J].IEEE Transactions on Industrial Informatics,2019,15(9):5099-5108.
[14] KRISHNAMOORTHY M,PERUMAL V.Secure and efficient hand-over authentication in WLAN using elliptic curve RSA[J].Computers & Electrical Engineering,2017,64:552-566.
[15] KARATI A,ISLAM S H,BISWAS G P.A Pairing-free andProvably Secure Certificateless Signature Scheme[J].Information Sciences,2018,450:378-391.
[16] JIA X Y,HE D B,LIU Q,et al.An efficient provably-securecertificateless signature scheme for Internet-of-Things deployment[J].Ad Hoc Networks,2018,71(15):78-87.
[1] 张振超, 刘亚丽, 殷新春.
适用于物联网环境的无证书广义签密方案
New Certificateless Generalized Signcryption Scheme for Internet of Things Environment
计算机科学, 2022, 49(3): 329-337. https://doi.org/10.11896/jsjkx.201200256
[2] 王锡龙, 李鑫, 秦小麟.
电力物联网下分布式状态感知的源网荷储协同调度
Collaborative Scheduling of Source-Grid-Load-Storage with Distributed State Awareness UnderPower Internet of Things
计算机科学, 2021, 48(2): 23-32. https://doi.org/10.11896/jsjkx.200900209
[3] 叶胜男, 陈建华.
一个强安全的无证书签名方案的分析和改进
Security Analysis and Improvement of Strongly Secure Certificateless Digital Signature Scheme
计算机科学, 2021, 48(10): 272-277. https://doi.org/10.11896/jsjkx.201200117
[4] 胡小明,马闯,斯桃枝,蒋文蓉,许华杰,谭文安.
改进的无证书广义指定验证者聚合签名方案
Improved Certificateless Aggregate Signature Scheme with Universal Designated Verifier
计算机科学, 2017, 44(8): 168-175. https://doi.org/10.11896/j.issn.1002-137X.2017.08.030
[5] 陈燕,吴赞红,王博,任海军,孔维禅.
智能配用电业务接入网络支持的关键技术研究
Key Technology of Access Network Supporting in Intelligent Power Distribution Business
计算机科学, 2016, 43(Z6): 558-560. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.133
[6] 张贵军,夏华栋,周晓根,张贝金.
一种配电网络差分禁忌线路规划方法
Hybrid Differential Evolution Based on Tabu Search Algorithm for Distribution Network Line Planning
计算机科学, 2016, 43(10): 248-255. https://doi.org/10.11896/j.issn.1002-137X.2016.10.047
[7] 张亦辰,李继国,钱 娜.
无证书强指定验证者签名方案
Certificateless Strong Designated Verifier Signature Scheme
计算机科学, 2015, 42(3): 132-135. https://doi.org/10.11896/j.issn.1002-137X.2015.03.027
[8] 孙凌,田源,黄后彪.
航空移动自组网中簇间节点密钥协商方案
Nodes Key Agreement Scheme between Clusters in Aeronautical Mobile Ad hoc Network
计算机科学, 2014, 41(Z6): 369-373.
[9] 夏峰,杨波.
公钥不可替换无证书签名方案
Certificateless Signature Scheme without Public Key Replaced
计算机科学, 2012, 39(8): 92-95.
[10] 俞惠芳,王彩芬,王之仓.
基于ECC的自认证代理签密方案
Self-certified Proxy Signcryption Scheme Based on Elliptic Curve Cryptography
计算机科学, 2010, 37(7): 91-92.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!