Computer Science ›› 2017, Vol. 44 ›› Issue (8): 168-175. doi: 10.11896/j.issn.1002-137X.2017.08.030

• Information Security •

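Improved Certificateless Aggregate Signature Scheme with Universal Designated Verifier

HU Xiao-ming, MA Chuang, SI Tao-zhi, JIANG Wen-rong, XU Hua-jie and TAN Wen-an

  1. School of Computer and Information Engineering, Shanghai Second Polytechnic University, Shanghai 201209; School of Computer and Information Engineering, Shanghai Second Polytechnic University, Shanghai 201209; School of Computer and Information Engineering, Shanghai Second Polytechnic University, Shanghai 201209; School of Computer and Information Engineering, Shanghai Second Polytechnic University, Shanghai 201209; School of Computer and Electronic Information, Guangxi University, Nanning 530004; School of Computer and Information Engineering, Shanghai Second Polytechnic University, Shanghai 201209
  • Online: 2018-11-13 Published: 2018-11-13
  • Supported by:
    This work was supported by the Key Project of the Scientific Research Innovation Fund of the Shanghai Municipal Education Commission (14ZZ167) and the National Natural Science Foundation of China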

Abstract: A certificateless aggregate signature scheme with universal designated verifier (CTL-ASWUDV) can effectively protect the privacy of the signer. Zhang et al.'s CTL-ASWUDV scheme was recently shown to have an invalid construction and to be insecure against two types of adversaries. To address these problems, an improved CTL-ASWUDV scheme (CTL-ASWUDV-1) is proposed. The improved scheme keeps the original scheme's advantages of a constant aggregate signature length and a constant number of bilinear pairing operations, and also resists attacks from both types of adversaries. A more efficient CTL-ASWUDV scheme (CTL-ASWUDV-2) is then proposed. In the random oracle model, the security of this second scheme is proved to reduce to the computational Diffie-Hellman (CDH) problem. Compared with existing similar schemes, the second scheme has the following advantages. Neither single signing nor aggregation requires a bilinear pairing operation, and the number of bilinear pairings needed for aggregate signature verification is independent of the number of signers and equal to that needed for single signature verification, i.e. one pairing operation. The length of an aggregate signature and the length of a designated verifier signature are both independent of the number of signers and equal to the length of a single signature, i.e. one element, which greatly saves network bandwidth.

Key words: Network security, Certificateless signature, Aggregate signature, Designated verifier signature, Bilinear pairing

