电子学报 ›› 2008, Vol. 36 ›› Issue (7): 1468-1472.

• 论文 • 上一篇    

两种无证书的分布环签名方案

桑永宣, 曾吉文   

  1. 厦门大学数学科学学院,福建厦门 361005
  • 收稿日期:2006-06-12 修回日期:2008-02-22 出版日期:2008-07-25 发布日期:2008-07-25

Two Certificateless Distributed Ring Signature Schemes

SANG Yong-xuan, ZENG Ji-wen   

  1. School of Mathematics,Xiamen University,Xiamen,Fujian 361005,China
  • Received:2006-06-12 Revised:2008-02-22 Online:2008-07-25 Published:2008-07-25

摘要: 2004年Javier Heranz等人推广了环签名的概念,提出了两种基于身份的分布环签名方案,并证明了它们的安全性.但是Javier Heranz等人的方案继承了基于身份的公钥密码体制的固有缺陷,即密钥托管问题.本文将Javier Heranz等人的方案应用到无证书的环境下,提出了两种无证书的分布环签名方案.第一种方案是利用双线性对构造的,可用于一般的分布环签名的情形.第二种方案利用的是Shamir的秘密共享方案,用于门限可进入结构的情形,其效率较第一种方案高.它们既保留了Javier Heranz等人的方案的优点,又达到了真正的不可伪造性.

关键词: 分布环签名, 无证书的公钥体制, 计算性Diffie-Hellman问题, 门限可进入结构

Abstract: The previous distributed ring signature schemes proposed by Javier Herranz inherit key escrow problem of identity-based public key cryptography.In this paper,we propose two secure certificateless distributed ring signature schemes.Such schemes provide unconditional anonymity to a subset of users who sign a message on behalf of a family of subsets.Our first scheme is based on bilinear pairings,and can be used for general families of possible signing subsets.Its idea comes from that of Schnorr’s ring signature scheme.The second scheme is based on Shamir’s secret sharing scheme and more efficient for threshold families of subsets.Futhermore,in certificateless scenarios,the trusted authority takes part in generating entities’private keys,but he does not access to these private keys.So our two schemes retain the desirable properties of identity-based distributed ring signature schemes and avoid the inherent escrow of them,therefore actually possess the alleged unforgeability.

Key words: distributed ring signature, computational Diffie-Hellman problem, public key cryptography, threshold access structure

中图分类号: