计算机科学 ›› 2013, Vol. 40 ›› Issue (Z11): 203-209.
王电钢,丁雪峰,黄昆
WANG Dian-gang,DING Xue-feng and HUANG Kun
摘要: 无证书密码体制能同时解决传统公钥密码体制证书管理问题和基于身份密码体制中密钥分发的问题,而受到学者们的关注。基于双线性对的无证书签密,因需要大量开销用于双线性对运算而性能不佳。研究不基于双线性对的无证书签密方案,发现Selvi等人的不基于双线性对的无证书签密方案不是标准的无证书签密方案,因为用户在使用时必须先验证对方的公钥,这不仅与无证书公钥体制相背,而且增加了用户的开销。分析了其他3个不基于双线性对的无证书签密方案,发现这3个方案都不满足不可伪造性和机密性。为解决这些安全性问题,提出一个新的不基于双线性对的无证书签密方案,并在随机预言机模型下证明了其安全性。
[1] Shamir A. Identity based cryptosystems and signature scheme[C]∥Crypto 1984,in:LNCS.Springer-Verlag,1984,196:47-53 [2] Al-Riyami S,Paterson K.Certificateless public key cryptography[C]∥Asiacrypt 2003.2003:452-473 [3] Zheng Y.Digital signcryption or how to achieve cost (signature and encryption) 6cost (signature)+cost(encryption)[C]∥Cryptology-Crypto 1997.1997:291-312 [4] An J H,Dodis Y,Rabin T.On the security of joint signature and encryption[C]∥Advances in Cryptology-Eurocrypt 2002.2002:83-107 [5] Malone-Lee J.Identity based signcryption.CryptologryePrint Archive,Report 2002/098.http://eprint.iacr.org/2002/098 [6] Barbosa M,Farshim P.Certificateless signcryption[C]∥Proc.ACM Symposium on Information,Computer and Communications Security (ASIACCS 2008).2008:369-372 [7] Wu C,Chen Z.A new efficient certificateless signcryptionscheme[C]∥International Symposium on Information Science and Engieering,2008.ISISE’08.2008:661-664 [8] Selvi S S D,Vivek S S,Ragan C P.On the security of certificateless signcryption schemes.Cryptology ePrint Archive:Report 2009/298,Available from:http://eprint.iacr.org/2009/298 [9] Xie W,Zhang Z.Efficient and provably secure certificatelesssigncryption from bilinear maps.Cryptology ePrint Archive:Report 2009/578,Available from:http://eprmt.iacr.org/2009/578.pdf [10] Selvi S S D,Vivek S S,Ragan C P.Security weaknesses in two certificateless signcryption schemes.Cryptology ePrint Archive:Report 2010/092,Available from:http://eprint.iacr.org/2010/092 [11] Liu Z,Hu Y,Zhang X,et al.Certificateless signcryption scheme in the standard model[J].Information Sciences,2010,180(3):452-464 [12] Weng J,Yao G,Deng R H,et al.Cryptanalysis of a certificateless signcryption scheme in the standard model[J].Information Sciences,2011,181(3):661-667 [13] Chen L,Cheng Z,Smart N.Identity-based key agreement protocols from pairings[J].International Journal of Information Security,2007,6(2):213-241 [14] Cao X,Kou W.A Pairing-free Identity-based Authenticated Key Agreement Scheme with Minimal Message Exchanges[J].Information Sciences,2010,180(6):2895-2903 [15] He D,Chen J,Hu J.An ID-based proxy signature schemes without bilinear pairings[J].Annals of Telecommunications,2011,66(11/12):657-662 [16] Barreto P,Deusajute A,Cruz E,et al.Toward efficient certificateless signcryption from (and without) bilinear pairings.http://sbseg2008.inf.ufrgs.br/proceedings/data/pdf/st03_03_artigo.pdf [17] Selvi S S D,Vivek S S,Ragan C P.Cryptanalysis of Certificateless Signcryption Schemes and an Efficient Construction Without Pairing[C]∥Inscrypt 2009.2010:75-92 [18] Xie W,Zhang Z.Certificateless Signcryption without Pairing”,Cryptology ePrint Archive:Report 2010/187.Available from:http://eprint.iacr.org/2010/187 [19] Zhu H,Li H,Wang Y.Certificateless Signcryption SchemeWithout Pairing[J].Journal of Computer Research and Development,2010,47(9):1587-1594 [20] Liu W,Xu C.Certificateless Signcryption Scheme Without Bilinear Pairing[J].Journal of Software,2011,22(8):1918-1926 [21] Jing X.Provably Secure Certificateless Signcryption Schemewithout Pairing[C]∥2011International Conference on Electronic & Mechanical Engineering and Information Technology.2011:4753-4756 [22] David P,Jacque S.Security Arguments for Digital Signaturesand Blind Signatures[J].Journal of Cryptology,2000,13(3):361-396 |
No related articles found! |
|