电子学报 ›› 2022, Vol. 50 ›› Issue (2): 358-365.DOI: 10.12263/DZXB.20200905

• 学术论文 • 上一篇    下一篇

群智网络中基于区块链的有序聚合签名认证方案

杨坤伟, 杨波, 周彦伟()   

  1. 陕西师范大学计算机科学学院,陕西 西安 710062
  • 收稿日期:2020-08-18 修回日期:2021-03-02 出版日期:2022-02-25
    • 作者简介:
    • 杨坤伟 男,1990年出生于陕西省咸阳市.陕西师范大学计算机科学学院博士生.研究方向为密码学、信息安全.E-mail: yangkunwei@snnu.edu.cn
      杨 波 男,1963年出生于陕西省富平县.教授,博士生导师,陕西省“百人计划”特聘教授.研究方向为密码学、信息安全. E-mail: byang@snnu.edu.cn
      周彦伟 男,1986年出生于甘肃省通渭县.陕西师范大学计算机科学学院博士生.研究方向为密码学、匿名通信技术. E-mail: zhouyanwei1986@163.com
    • 基金资助:
    • 国家重点研发计划 (2017YFB0802000); 国家自然科学基金 (U2001205); “十三五”国家密码发展基金 (MMJJ20180217); 中央高校基本科研业务费 (GK202003079)

A Sequential Aggregate Signature Authentication Scheme Based on Blockchain for Crowdsensing System

YANG Kun-wei, YANG Bo, ZHOU Yan-wei()   

  1. School of Computer Science, Shaanxi Normal University, Xi’an, Shaanxi 710062, China
  • Received:2020-08-18 Revised:2021-03-02 Online:2022-02-25 Published:2022-02-25
    • Supported by:
    • National Key Research and Development Program of China (2017YFB0802000); National Natural Science Foundation of China (U2001205); National Cryptography Development Fund during the 13th Five-year Plan (MMJJ20180217); Fundamental Research Funds for the Central Universities (GK202003079)

摘要:

传统的中心化认证机制存在单点故障和证书签发不透明等问题,难以适用具有高度自治性和动态多变性的群智网络,因此本文提出了一个基于区块链的轻量级认证机制和一个有序聚合签名方案,二者结合实现了点对点的去中心认证.在认证机制中,区块链作为一个去中心化的底层存储数据库,用来记录密钥、证书、签名和所有其他相关信息,通过对用户节点的公钥证书进行有序签名可以证明其身份的真实性,同时形成一条具有公信力的证书链.针对现有有序聚合签名方案公钥长度较长、验证效率低下的问题,基于BLS签名提出了一个新的有序聚合签名方案,并在有序聚合认证密钥模型下证明了方案的不可伪造性,分析了该方案所具有的公开验证性等安全属性.与现有方案相比较,本文方案的公钥和签名长度更短,且签名长度与用户数无关,更适用于带宽较低的群智网络环境.

关键词: 群智网络, 有序聚合签名, 区块链, 公开验证, 身份认证

Abstract:

Due to the single point failure and opacity of certificate issuance in traditional centralized authentication mechanism, it is difficult to apply to crowdsensing system with high autonomy and dynamic variability. In order to solve this problem, a lightweight authentication mechanism based on blockchain and a new sequential aggregate signature scheme is proposed in this paper. The combination of the two can implements a peer-to-peer de-centralization authentication. In our authentication mechanism, the blockchain acts as a de-centralized underlying storage database for recording keys, certificates, signatures and all other related information. Users can prove the authenticity of their identity with the sequential aggregate signature in the public key certificates of other nodes and establish creditable certificate chains. To solve the problem of long public key length and low verification efficiency in the existing sequential aggregate signature scheme, a new scheme for sequential aggregate signature is proposed based on BLS short signature scheme and its unforgeability is proven under the sequential aggregate certified-key model. This paper also discusses such security properties of the schemes as public verifiability. Compared with other existing sequential aggregate signature schemes in the computationally complexity, the new scheme is more acceptable to the low bandwidth environment of crowdsensing system in that the length of public key and signature is independent of the number of users.

Key words: crowdsensing system, sequential aggregate signatures, blockchain technology, public verifiability, authentication mechanism

中图分类号: