计算机科学 ›› 2022, Vol. 49 ›› Issue (3): 329-337.doi: 10.11896/jsjkx.201200256
张振超1, 刘亚丽1,2, 殷新春1,3
ZHANG Zhen-chao1, LIU Ya-li1,2, YIN Xin-chun1,3
摘要: 证书广义签密方案不仅可以解决证书管理和密钥托管问题,而且可以根据实际需求分别作为加密方案、签名方案或签密方案,在资源受限的物联网环境中具有广泛的应用场景。但是,通过具体的攻击方法证明Karati等的方案不能抵抗伪造攻击,文中总结了攻击者成功伪造的原因。针对上述问题,提出了一种无双线性配对的无证书广义签密方案,并在随机预言模型下基于计算性Diffie-Hellman问题和离散对数问题对该方案进行了安全性证明。性能评估结果表明,与现有方案相比,该方案在计算代价及通信开销方面具有优势,适用于资源受限的物联网设备之间数据的安全传输。
中图分类号:
[1]YANG Y,WU L,YIN G,et al.A survey on security and privacy issues in Internet-of-Things[J].IEEE Internet of Things Journal,2017,4(5):1250-1258. [2]KHAN M A,SALAH K.IoT security:Review,blockchain solutions,and open challenges[J].Future Generation Computer Systems,2018,82:395-411. [3]LIN J,YU W,ZHANG N,et al.A survey on internet of things:architecture,enabling technologies,security and privacy,and applications[J].IEEE Internet of Things Journal,2017,4(5):1125-1142. [4]BELGUITH S,KAANICHE N,HAMMOUDEH M,et al.Proud:Verifiable privacy-preserving outsourced attribute based signcryption supporting access policy update for cloud assisted iot applications[J].Future Generation Computer Systems,2020,111:899-918. [5]SHAMIR A.Identity-based cryptosystems and signature sche-mes[C]//Workshop on the Theory and Application of Cryptographic Techniques.Berlin:Springer,1985:47-53. [6]AL-RIYAMI S S,Paterson K G.Certificateless public key cryptography[C]//Advancesin Cryptology-ASIACRYPT’03.Berlin:Springer,2003:452-473. [7]BARBOSA M,FARSHIM P.Certificateless signcryption[C]//Proceedings of the 2008 ACM Symposium on Information,Computer and Communications Security.New York:ACM,2008:369-372. [8]LI F,HAN Y,JIN C.Certificateless online/offline signcryption for the Internet of Things[J].Wireless Networks,2017,23(1):145-158. [9]ULLAH I,AMIN N U,ZAREEI M,et al.A lightweight andprovable secured certificateless signcryption approach for crowdsourced IIoT applications[J].Symmetry,2019,11(11):1386. [10]LIU X,WANG Z,YE Y,et al.An efficient and practical certificateless signcryption scheme for wireless body area networks[J].Computer Communications,2020,162:169-178. [11]NIU S,NIU L,WANG C,et al.Certificateless generalized signcryption scheme in the standard model[J].Journal on Communications,2017,38(4):35-45. [12]ZHOU C.An improved lightweight certificateless generalizedsigncryption scheme for mobile-health system[J].International Journal of Distributed Sensor Networks,2019,15(1):1-16. [13]WAHEED A,IQBAL J,DIN N,et al.Improved cryptanalysis of provable certificateless generalized signcryption[J].Internatio-nal Journal of Advanced Computer Science and Applications,2019,10(4):1-7. [14]ZHANG B,JIA Z,ZHAO C.An efficient certificateless genera-lized signcryption scheme[J].Security and Communication Networks,2018,2018(1):1-11. [15]MANDAL S,BERA B,SUTRALA A K,et al.Certificateless-signcryption-based three-factor user access control scheme for IoT environment[J].IEEE Internet of Things Journal,2020,7(4):3184-3197. [16]RASTEGARI P.On the security of some recently proposed certificateless signcryption schemes[C]//2020 17th International ISC Conference on Information Security and Cryptology (ISCISC).IEEE,2020:95-100. [17]KARATI A,FAN C,HSU R,et al.Provably secure and gene-ralized signcryption with public verifiability for secure data transmission between resource-constrained IoT devices[J].IEEE Internet of Things Journal,2019,6(6):10431-10440. [18]LIU Z,HU Y,ZHANG X,et al.Certificateless signcryptionscheme in the standard model[J].Information Sciences,2010,180(3):452-464. [19]ZHOU C,ZHOU W,DONG X,et al.Provable certificatelessgeneralized signcryption scheme[J].Designs,Codes and Cryptography,2014,71(2):331-346. [20]WAHEED A,IQBAL J,DIN N,et al.Improved cryptanalysis of provable certificateless generalized signcryption[J].InternationalJournal of Advanced Computer Science and Applications,2019,10(4):610-616. [21]MIAO S,ZHANG F,LI S,et al.On security of a certificateless signcryption scheme[J].Information Sciences,2013,232:475-481. [22]WAHEED A,IQBAL J,DIN N,et al.Improved cryptanalysis of provable certificateless generalized signcryption[J].Internatio-nal Journal of Advanced Computer Science and Applications,2019,10(4):610-616. |
[1] | 张翀宇, 陈彦明, 李炜. 边缘计算中面向数据流的实时任务调度算法 Task Offloading Online Algorithm for Data Stream Edge Computing 计算机科学, 2022, 49(7): 263-270. https://doi.org/10.11896/jsjkx.210300195 |
[2] | 张翕然, 刘万平, 龙华. 物联网僵尸网络病毒的传播动力学模型与分析 Dynamic Model and Analysis of Spreading of Botnet Viruses over Internet of Things 计算机科学, 2022, 49(6A): 738-743. https://doi.org/10.11896/jsjkx.210300212 |
[3] | 周天清, 岳亚莉. 超密集物联网络中多任务多步计算卸载算法研究 Multi-Task and Multi-Step Computation Offloading in Ultra-dense IoT Networks 计算机科学, 2022, 49(6): 12-18. https://doi.org/10.11896/jsjkx.211200147 |
[4] | 董丹丹, 宋康. RIS辅助双向物联网通信系统性能分析 Performance Analysis on Reconfigurable Intelligent Surface Aided Two-way Internet of Things Communication System 计算机科学, 2022, 49(6): 19-24. https://doi.org/10.11896/jsjkx.220100064 |
[5] | 沈家芳, 钱丽萍, 杨超. 面向集能型中继窄带物联网的非正交多址接入和多维网络资源优化 Non-orthogonal Multiple Access and Multi-dimension Resource Optimization in EH Relay NB-IoT Networks 计算机科学, 2022, 49(5): 279-286. https://doi.org/10.11896/jsjkx.210400239 |
[6] | 张叶, 李志华, 王长杰. 基于核密度估计的轻量级物联网异常流量检测方法 Kernel Density Estimation-based Lightweight IoT Anomaly Traffic Detection Method 计算机科学, 2021, 48(9): 337-344. https://doi.org/10.11896/jsjkx.200600108 |
[7] | 李贝贝, 宋佳芮, 杜卿芸, 何俊江. DRL-IDS:基于深度强化学习的工业物联网入侵检测系统 DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things 计算机科学, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021 |
[8] | 李嘉明, 赵阔, 屈挺, 刘晓翔. 基于知识图谱的区块链物联网领域研究分析 Research and Analysis of Blockchain Internet of Things Based on Knowledge Graph 计算机科学, 2021, 48(6A): 563-567. https://doi.org/10.11896/jsjkx.200600071 |
[9] | 王锡龙, 李鑫, 秦小麟. 电力物联网下分布式状态感知的源网荷储协同调度 Collaborative Scheduling of Source-Grid-Load-Storage with Distributed State Awareness UnderPower Internet of Things 计算机科学, 2021, 48(2): 23-32. https://doi.org/10.11896/jsjkx.200900209 |
[10] | 王卫红, 陈震宇. 基于改进区块链的智能制造安全模型 Intelligent Manufacturing Security Model Based on Improved Blockchain 计算机科学, 2021, 48(2): 295-302. https://doi.org/10.11896/jsjkx.191200159 |
[11] | 刘新, 黄缘缘, 刘子昂, 周睿. IoTGuardEye:一种面向物联网服务的Web攻击检测方法 IoTGuardEye:A Web Attack Detection Method for IoT Services 计算机科学, 2021, 48(2): 324-329. https://doi.org/10.11896/jsjkx.200800030 |
[12] | 张育龙, 王强, 陈明康, 孙静涛. 图像去雨算法在云物联网应用中的研究综述 Survey of Intelligent Rain Removal Algorithms for Cloud-IoT Systems 计算机科学, 2021, 48(12): 231-242. https://doi.org/10.11896/jsjkx.201000055 |
[13] | 宗思洁, 覃天, 贺龙兵. 面向IOT芯片的安全启动算法分析与应用 Analysis and Application of Secure Boot Algorithm Based on IOT Chip 计算机科学, 2021, 48(11A): 552-556. https://doi.org/10.11896/jsjkx.210300237 |
[14] | 刘炜, 阮敏捷, 佘维, 张志鸿, 田钊. 面向物联网的PBFT优化共识算法 PBFT Optimized Consensus Algorithm for Internet of Things 计算机科学, 2021, 48(11): 151-158. https://doi.org/10.11896/jsjkx.210500038 |
[15] | 梁俊斌, 田凤森, 蒋婵, 王天舒. 物联网中多设备多服务器的移动边缘计算任务卸载技术综述 Survey on Task Offloading Techniques for Mobile Edge Computing with Multi-devices and Multi-servers in Internet of Things 计算机科学, 2021, 48(1): 16-25. https://doi.org/10.11896/jsjkx.200500095 |
|