一种标准模型下无证书签名方案的安全性分析与改进

doi:10.3969/j.issn.0372-2112.2019.09.022

电子学报 ›› 2019, Vol. 47 ›› Issue (9): 1972-1978.DOI: 10.3969/j.issn.0372-2112.2019.09.022

一种标准模型下无证书签名方案的安全性分析与改进

杨小东, 王美丁, 裴喜祯, 李雨潼, 陈春霖, 麻婷春

西北师范大学计算机科学与工程学院, 甘肃兰州 730070

收稿日期:2018-07-21 修回日期:2018-11-13 出版日期:2019-09-25
- 作者简介:
- 杨小东.Email:y200888@163.com;王美丁.E-mail:775631303@qq.com;裴喜祯.E-mail:15635293587@163.com;李雨潼.E-mail:lytnwnu@163.com;陈春霖.E-mail:chenchunlin731@163.com;麻婷春.E-mail:nwnumtch@163.com
- 基金资助:
- 国家自然科学基金 (No.61662069，No.61562077）; 中国博士后科学基金 (No.2017M610817）; 兰州市科技计划项目 (No.2013-4-22）; 西北师范大学青年教师科研能力提升计划项目 (No.WNU-LKQN-14-7）

Security Analysis and Improvement of a Certificateless Signature Scheme in the Standard Model

YANG Xiao-dong, WANG Mei-ding, PEI Xi-zhen, LI Yu-tong, CHEN Chun-lin, MA Ting-chun

College of Computer Science and Engineering, Northwest Normal University, Lanzhou, Gansu 730070, China

Received:2018-07-21 Revised:2018-11-13 Online:2019-09-25 Published:2019-09-25

摘要/Abstract

摘要： 无证书签名具有基于身份密码体制和传统公钥密码体制的优点，可解决复杂的公钥证书管理和密钥托管问题.Wu和Jing提出了一种强不可伪造的无证书签名方案，其安全性不依赖于理想的随机预言机.针对该方案的安全性，提出了两类伪造攻击.分析结果表明，该方案无法实现强不可伪造性，并在"malicious-but-passive"的密钥生成中心攻击下也是不安全的.为了提升该方案的安全性，设计了一个改进的无证书签名方案.在标准模型中证明了改进的方案对于适应性选择消息攻击是强不可伪造的，还能抵抗恶意的密钥生成中心攻击.此外，改进的方案具有较低的计算开销和较短的私钥长度，可应用于区块链、车联网、无线体域网等领域.

关键词: 无证书签名, 伪造攻击, 公钥, 私钥, 数字签名, 密码学

Abstract: Certificateless signature combines the advantages of identity-based cryptosystem and traditional public-key cryptosystem to solve the problems of complex public key certificate management and key escrow.Wu and Jing proposed a strongly unforgeable certificateless signature scheme whose security does not depend on the ideal random oracle.In this paper,two types of forgery attacks are proposed for the security of this scheme.The analysis results show that this scheme cannot achieve strong unforgeability and is insecure under the "malicious-but-passive" key generation center attack.To enhance the security of this scheme,an improved certificateless signature scheme is presented.The improved scheme is proved to be strongly unforgeable against adaptive chosen-message attacks and can also resist malicious key generation center attacks.In addition,the improved scheme has lower computational overhead and shorter private key length,and can be applied to blockchain,Internet of vehicles,wireless body area network and other fields.

Key words: certificateless signature, forgery attack, public key, private key, digital signature, cryptography

中图分类号:

TP309.7

杨小东, 王美丁, 裴喜祯, 李雨潼, 陈春霖, 麻婷春. 一种标准模型下无证书签名方案的安全性分析与改进[J]. 电子学报, 2019, 47(9): 1972-1978.

YANG Xiao-dong, WANG Mei-ding, PEI Xi-zhen, LI Yu-tong, CHEN Chun-lin, MA Ting-chun. Security Analysis and Improvement of a Certificateless Signature Scheme in the Standard Model[J]. Acta Electronica Sinica, 2019, 47(9): 1972-1978.

参考文献

[1] Shen L,Ma J,Liu X,et al.A secure and efficientid-based aggregate signature scheme for wireless sensor networks[J].IEEE Internet of Things Journal,2017,4(2):546-554.
[2] Kang J,Yu R,Huang X,et al.Privacy-preserved pseudonym scheme for fog computing supported Internet of vehicles[J].IEEE Transactions on Intelligent Transportation Systems,2017,99:1-11.
[3] Shamir A.Identity-based cryptosystems and signature schemes[A].Proceedings of Workshop on the Theory and Application of Cryptographic Techniques[C].Berlin,Heidelberg,Germany:Springer,1981.47-53.
[4] Al-Riyami S S,Paterson K G.Certificateless public key cryptography[A].Proceedings of International Conference on the Theory and Application of Cryptology and Information Security[C].Berlin,Heidelberg,Germany:Springer,2003.452-473.
[5] Shim K A.Anew certificateless signature scheme provably secure in the standard model[J].IEEE Systems Journal,2018,99:1-10.
[6] Jia X,He D,Liu Q,et al.An efficient provably-secure certificateless signature scheme for Internet-of-Things deployment[J].Ad Hoc Networks,2018,71:78-87.
[7] Li F,Xie D,Gao W,et al.A certificateless signature scheme and a certificateless public auditing scheme with authority trust level 3+[J].Journal of Ambient Intelligence and Humanized Computing,2017,8(1):1-10.
[8] Yum D H,Lee P J.Generic construction of certificateless signature[A].Proceedings of Australasian Conference on Information Security and Privacy[C].Berlin,Heidelberg,Germany:Springer,2004.200-211.
[9] Yap W S,Chow S S M,Heng S H,et al.Security mediated certificateless signatures[A].Proceedings of Applied Cryptography and Network Security[C].Berlin,Heidelberg,Germany:Springer,2007.459-477.
[10] Wang L,Chen K,Long Y,et al.An efficient pairing-free certificateless signature scheme for resource-limited systems[J].Science China Information Sciences,2017,60(11):119-102.
[11] Canetti R,Goldreich O,Halevi S.The random oracle methodology,revisited[J].Journal of the ACM (JACM),2004,51(4):557-594.
[12] Liu J K,Au M H,Susilo W.Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model[A].Proceedings of the 2nd Symposium on Information,Computer and Communications Security[C].Berlin,Heidelberg,Germany:Springer,2007.273-283.
[13] Yuan Y,Wang C.Certificateless signature scheme with security enhanced in the standard model[J].Information Processing Letters,2014,114(9):492-499.
[14] Canard S,Trinh V C.An efficient certificateless signature scheme in the standard model[A].Proceedings of International Conference on Information Systems Security[C].Berlin,Heidelberg,Germany:Springer,2016.175-192.
[15] Boneh D,Shen E,Waters B.Strongly unforgeable signatures based on computational Diffie-Hellman[A].Proceedings of International Workshop on Public Key Cryptography[C].Berlin,Heidelberg,Germany:Springer,2006.229-240.
[16] Hung Y H,Huang S S,Tseng Y M,et al.Certificateless signature with strong unforgeability in the standard model[J].Informatica,2015,26(4):663-684.
[17] 吴涛,景晓军.一种强不可伪造无证书签名方案的密码学分析与改进[J].电子学报,2018,46(3):602-606. Wu Tao,Jing Xiao-jun.Cryptanalysis and improvement of a certificateless signature scheme with strong unforgeability[J].Acta Electronica Sinica,2018,46(3):602-606.(in Chinese)

一种标准模型下无证书签名方案的安全性分析与改进

Security Analysis and Improvement of a Certificateless Signature Scheme in the Standard Model

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	赵璐, 刘春红, 杜蛟, 曹天庆. Z₄上两类具有最优自相关四元序列的线性复杂度研究[J]. 电子学报, 2021, 49(4): 631-636.
[2]	陈露, 相峰, 孙知信. 基于属性密码体制的区块链安全技术研究进展[J]. 电子学报, 2021, 49(1): 192-200.
[3]	窦家维, 王颖囡, 葛雪. 区间关系保密计算若干问题研究[J]. 电子学报, 2021, 49(1): 50-57.
[4]	戚珉, 陈明. 标准模型下基于身份的混淆乐观公平交换方案[J]. 电子学报, 2020, 48(8): 1516-1527.
[5]	杨启良, 周彦伟, 杨坤伟, 王涛. 标准模型下可公开验证的匿名IBE方案的安全性分析[J]. 电子学报, 2020, 48(2): 291-295.
[6]	丁勇, 王冰尧, 袁方, 王玉珏, 张昆, 田磊. 支持第三方仲裁的智能电网数据安全聚合方案[J]. 电子学报, 2020, 48(2): 350-358.
[7]	李顺东, 杜润萌, 杨颜璟, 魏琼. 有理数相等的保密判定[J]. 电子学报, 2020, 48(10): 1933-1937.
[8]	侯红霞, 杨波, 张丽娜, 张明瑞. 安全的两方协作SM2签名算法[J]. 电子学报, 2020, 48(1): 1-8.
[9]	窦家维, 陈明艳. 多重集的保密计算及应用[J]. 电子学报, 2020, 48(1): 204-208.
[10]	施泰荣, 关杰, 刘文哲. AEGIS算法的弱状态分析[J]. 电子学报, 2018, 46(9): 2102-2107.
[11]	杜蛟, 刘春红, 张恩, 尚玉婧, 董乐. 基于拉丁方的GF(p)上q元旋转对称弹性函数的新构造[J]. 电子学报, 2018, 46(9): 2173-2180.
[12]	窦家维, 王文丽, 刘旭红, 李顺东. 有理区间的安全多方计算与应用[J]. 电子学报, 2018, 46(9): 2057-2062.
[13]	董丽华, 曾勇, 王春红, 胡予濮. LFCSR:基于FCSR的新密码学部件[J]. 电子学报, 2018, 46(8): 1924-1930.
[14]	李子臣, 张卷美, 杨亚涛, 张峰娟. 基于NTRU的全同态加密方案[J]. 电子学报, 2018, 46(4): 938-944.
[15]	吴涛, 景晓军. 一种强不可伪造无证书签名方案的密码学分析与改进[J]. 电子学报, 2018, 46(3): 602-606.