普适计算环境中认证协议的研究
|
摘要
论文对普适计算环境中的认证协议进行研究和设计。在基于普适计算环境进行的各种各样的应用中,信任的建立是第一前提,只有在相互信任的基础上,设备之间才可能通过各种方法来协同工作,并为用户提供服务。由于普适计算环境具有的移动性、分布性、开放性、动态性、不确定性等特征,使得传统的认证技术不适宜直接应用在普适计算环境中。一般的,我们可以通过直接信任和间接信任两种方式来建立信任关系,间接信任通过推荐的方式完成,而直接信任则主要通过各种认证技术的应用来完成。围绕着传统的认证协议,论文分别从分布式认证、门限认证、属性认证、匿名认证和双向认证等不同角度对认证协议进行了设计和改进,使得其更加适合于普适计算的应用环境,论文的主要研究工作如下:
(1)在普适计算环境中,建立了无需可信第三方参与的分布式认证模型。将传统的基于身份的密码体制的认证协议拓展为分布式认证协议,整个协议的执行无需可信第三方的参与,从系统密钥的分配阶段,到用户密钥的产生,再到认证交互过程,都由分布的多个认证方节点来协同完成,使得每个认证节点都具有较小的运算量与通信量。同时结合矢量空间门限构造方法,进行了门限分布式认证协议构造,使得认证系统具有了一定的冗余性和容错性,并且对该协议进行了形式化证明,证明了协议是IND-ID-CPA安全的。
(2)在矢量空间秘密共享基础上,设计并提出了普适计算环境中一种基于背景感知的认证协议。研究了普适计算环境下背景感知身份认证,通过分析将用户背景与用户属性进行了有机融合,通过合理的访问结构设置,在矢量空间门限方案的基础上,结合基于属性的密码体制,构造了基于属性的门限认证协议。协议具有分布式运算的特征,认证步骤由多个认证节点协同运算,保持了其小运算量和通信量的优点,同时协议基于用户属性完成对用户身份的认证,非常适合于普适计算环境。
(3)提出了普适计算环境中面向群的匿名认证协议。对普适计算环境中的匿名认证技术进行了研究。匿名认证的匿名性可以分为两个层次,一是对于被认证方身份的匿名性保护,即通过某种方法在不暴露被认证方完整身份的前提下达成对其的信任,基于属性的认证协议自身就具备了这种匿名性,另一种匿名性则是对于属性认证中的部分属性进行匿名性保护,这实际上是一种群的匿名性保护,本文针对这种应用,在标准ABE的基础上,结合拉格朗日插值多项式门限构造方法,进行了这种群匿名性的构造,并且对其正确性和匿名性都进行了数学推导和证明,最后通过实验对其进行了分析和验证。
(4)提出了基于签密技术的分布式门限双向认证协议。签密的核心即签密运算的构造中,入口参数同时包含了对方公钥和自己的私钥,所以使得其一次运算可以完成类似签名+加密的效果。本文针对这一特点分别在Zheng的签密体制和ABE体制下,完成了基于签密的双向认证协议构造,该双向协议的执行代价近似于单向认证协议,我们通过实验对此进行了验证。同时协议同样具有分布式运算特征和门限特征,非常适合于普适计算应用环境。
The establishment of trust is the first prerequisite for all kinds of applications based on thepervasive computing environment, because it is on the basis of mutual trust that devices can cooperatewith one another through various ways to provide service for users. We generally can build trustrelationship by such two ways as direct trust and indirect trust, and indirect trust is completed byrecommendation while direct trust mainly by application of all sorts of authentication technologies.Pervasive computing environment has the characteristics of mobility, distributivity, openness,dynamism and uncertainty and so on, which makes the traditional authentication technology notsuitable for being directly applied in the pervasive computing environment, so this paper aims tostudy the authentication technology in the pervasive computing environment and the major researchworks are as follows:
(1) Distributed authentication model without key distribute center (KDC) involved is created inthe pervasive computing environment. The traditional authentication protocol of identity-basedencryption (IBE) system is developed into distributed authentication protocol, without KDCparticipated in its implementation and the distributed junctions of various authentications coordinatewith one another to complete from the distribution phase of the system’s key to the generation of theuser’s key and then to the authentication interactive process, making every authentication junction getrelatively smaller operation and traffic. Meanwhile the threshold distributed authentication protocol iscreated with the construction method of vector space threshold for reference, so that the authenticationsystem has the features of redundancy and fault tolerance and moreover the formal verification of thisprotocol proves its security in IND-ID-CPA.
(2) The thesis studies the identity authentication of context dependent in the pervasive computingenvironment, integrates users’ background with their attributes in an organic way through analysis,and establishes attribute-based threshold authentication protocol with the combination ofattribute-based encryption (ABE) system through appropriate setting of access structure, on the basisof vector space threshold project. The protocol still has the feature of distributed operation, and itsauthentication procedures are completed by various authentication junctions, keeping its advantagesof small operation and traffic and also the identity authentication completed by the protocol based onusers’ attribute is very suitable for the pervasive computing environment.
(3) The thesis analyzes the anonymous authentication technology in the pervasive computing environment. Anonymity of anonymous authentication is divided into two levels: the one isanonymous protection for the identity of the authenticated party, namely, having trust to theauthenticated party in a way which will not expose its complete identity and thus the attribute-basedauthentication protocol will possess such anonymity; the other one is anonymous protection for partattributes of attribute authentication, which is actually anonymous protection for group and for suchapplication, this paper is intended to construct this group anonymity with the combination ofconstruction method of Lagrange interpolation polynomial threshold on the basis of standard ABE andto carry out mathematical derivation and demonstration for its correctness and anonymity, whichfinally is analyzed and verified by the experiment.
(4) The construction of two-way authentication protocol of signcryption-based distributedthreshold is completed. Entry parameter consists of the public key and private key in the constructionof signcryption operation-the core of signcryption; therefore similar effects as signature andencryption can be together completed in an operation. Two-way signcryption-based authenticationprotocol is completed in the (Zheng) signcryption and ABE system in this paper and it is verified bythe experiment that the price for implementing this two-way protocol is similar to that of one-wayauthentication protocol. Also this protocol of distributed operation and threshold characteristics isvery suitable for the pervasive computing environment.
(1)在普适计算环境中,建立了无需可信第三方参与的分布式认证模型。将传统的基于身份的密码体制的认证协议拓展为分布式认证协议,整个协议的执行无需可信第三方的参与,从系统密钥的分配阶段,到用户密钥的产生,再到认证交互过程,都由分布的多个认证方节点来协同完成,使得每个认证节点都具有较小的运算量与通信量。同时结合矢量空间门限构造方法,进行了门限分布式认证协议构造,使得认证系统具有了一定的冗余性和容错性,并且对该协议进行了形式化证明,证明了协议是IND-ID-CPA安全的。
(2)在矢量空间秘密共享基础上,设计并提出了普适计算环境中一种基于背景感知的认证协议。研究了普适计算环境下背景感知身份认证,通过分析将用户背景与用户属性进行了有机融合,通过合理的访问结构设置,在矢量空间门限方案的基础上,结合基于属性的密码体制,构造了基于属性的门限认证协议。协议具有分布式运算的特征,认证步骤由多个认证节点协同运算,保持了其小运算量和通信量的优点,同时协议基于用户属性完成对用户身份的认证,非常适合于普适计算环境。
(3)提出了普适计算环境中面向群的匿名认证协议。对普适计算环境中的匿名认证技术进行了研究。匿名认证的匿名性可以分为两个层次,一是对于被认证方身份的匿名性保护,即通过某种方法在不暴露被认证方完整身份的前提下达成对其的信任,基于属性的认证协议自身就具备了这种匿名性,另一种匿名性则是对于属性认证中的部分属性进行匿名性保护,这实际上是一种群的匿名性保护,本文针对这种应用,在标准ABE的基础上,结合拉格朗日插值多项式门限构造方法,进行了这种群匿名性的构造,并且对其正确性和匿名性都进行了数学推导和证明,最后通过实验对其进行了分析和验证。
(4)提出了基于签密技术的分布式门限双向认证协议。签密的核心即签密运算的构造中,入口参数同时包含了对方公钥和自己的私钥,所以使得其一次运算可以完成类似签名+加密的效果。本文针对这一特点分别在Zheng的签密体制和ABE体制下,完成了基于签密的双向认证协议构造,该双向协议的执行代价近似于单向认证协议,我们通过实验对此进行了验证。同时协议同样具有分布式运算特征和门限特征,非常适合于普适计算应用环境。
The establishment of trust is the first prerequisite for all kinds of applications based on thepervasive computing environment, because it is on the basis of mutual trust that devices can cooperatewith one another through various ways to provide service for users. We generally can build trustrelationship by such two ways as direct trust and indirect trust, and indirect trust is completed byrecommendation while direct trust mainly by application of all sorts of authentication technologies.Pervasive computing environment has the characteristics of mobility, distributivity, openness,dynamism and uncertainty and so on, which makes the traditional authentication technology notsuitable for being directly applied in the pervasive computing environment, so this paper aims tostudy the authentication technology in the pervasive computing environment and the major researchworks are as follows:
(1) Distributed authentication model without key distribute center (KDC) involved is created inthe pervasive computing environment. The traditional authentication protocol of identity-basedencryption (IBE) system is developed into distributed authentication protocol, without KDCparticipated in its implementation and the distributed junctions of various authentications coordinatewith one another to complete from the distribution phase of the system’s key to the generation of theuser’s key and then to the authentication interactive process, making every authentication junction getrelatively smaller operation and traffic. Meanwhile the threshold distributed authentication protocol iscreated with the construction method of vector space threshold for reference, so that the authenticationsystem has the features of redundancy and fault tolerance and moreover the formal verification of thisprotocol proves its security in IND-ID-CPA.
(2) The thesis studies the identity authentication of context dependent in the pervasive computingenvironment, integrates users’ background with their attributes in an organic way through analysis,and establishes attribute-based threshold authentication protocol with the combination ofattribute-based encryption (ABE) system through appropriate setting of access structure, on the basisof vector space threshold project. The protocol still has the feature of distributed operation, and itsauthentication procedures are completed by various authentication junctions, keeping its advantagesof small operation and traffic and also the identity authentication completed by the protocol based onusers’ attribute is very suitable for the pervasive computing environment.
(3) The thesis analyzes the anonymous authentication technology in the pervasive computing environment. Anonymity of anonymous authentication is divided into two levels: the one isanonymous protection for the identity of the authenticated party, namely, having trust to theauthenticated party in a way which will not expose its complete identity and thus the attribute-basedauthentication protocol will possess such anonymity; the other one is anonymous protection for partattributes of attribute authentication, which is actually anonymous protection for group and for suchapplication, this paper is intended to construct this group anonymity with the combination ofconstruction method of Lagrange interpolation polynomial threshold on the basis of standard ABE andto carry out mathematical derivation and demonstration for its correctness and anonymity, whichfinally is analyzed and verified by the experiment.
(4) The construction of two-way authentication protocol of signcryption-based distributedthreshold is completed. Entry parameter consists of the public key and private key in the constructionof signcryption operation-the core of signcryption; therefore similar effects as signature andencryption can be together completed in an operation. Two-way signcryption-based authenticationprotocol is completed in the (Zheng) signcryption and ABE system in this paper and it is verified bythe experiment that the price for implementing this two-way protocol is similar to that of one-wayauthentication protocol. Also this protocol of distributed operation and threshold characteristics isvery suitable for the pervasive computing environment.
引文
[1]Mark W. The Computer for the21st Century [J]. Scientific American,1991,265(3):94-104.
[2]Dertouzos M. The future of computing[J]. Scientific American,1999,282(3):52-63.
[3]Zhang J, Mao J. A novel id-based designated verifier signature scheme[J]. Information Sciences,2008,178(3),766–773.
[4]Hu CJ, Zhang QF, Wu FL. An improved Authenticated (t, n) ECC Threshold Signature EncryptionScheme based on ECC[C]. Proceedings of2006international conference on machine learning andcybernetics,2006:2674-2678.
[5]Wei VK, Yuen T, Zhang F. Group signature where group manager, members and Open Authorityare identity-based[C]. Information Security and Privacy:10th Australasian Conference. Lecture Notesin Computer Science,2005:468-480.
[6]Huang Z, Hao Y, Wang Y. Authorized group signature[J]. Acta Electronica Sinica,2004(32):774-7.
[7]Lee HK, Design of modified CGA for address auto-configuration and digital signature inhierarchical mobile ad-hoc network, LECT Notes Computer Science3961:217-226,2006
[8][1]SAHAI A, WATERS B. Fuzzy ideneity-based encryption[C]. EUROCRYPT2005, LNCS3494.Berlin: Springer-Verlag,2005:457-473.
[9]Jong YC, Golle P, Jakobsson M. Tamper-evident digital signatures: protecting certificationauthorities against malware[C]. The2nd IEEE International Symposium on Dependable, Autonomicand Secure Computing.2006:8.
[10]Kim BM. Disadter coverable PKI model utilizing the existing OKI structure[C].Berlin:Spring-Verlag, LNCS2006,4277:537-545.
[11]Wolfe.ST, Ahamed. SI, Zulkernine. M. A trust framework for pervasive computingenvironments[C]. IEEE International Conference on Computer Systems and Applications,2006,1-3:312-319.
[12]徐光祐,史元春,谢伟凯.普适计算[J].计算机学报,2003,26(9):1024-1050.
[13]Rosenthal L, Stanford V. NIST smart space: pervasive computing initiative[C]. IEEE9thInternational Workshops on Enabling Technologie. Infrastructure for Collaborative EnterprisesProceedings,2000,6-11.
[14]Teller A. A platform for wearable physiological computing[J]. Interacting with Computers,2004,16(5):917-937.
[15]Yang. YP, Williams. MH, Pooley. R, Dewar. R.. Context-aware personalization in pervasivecommunications[C], IEEE International Conference on E-Business Engineering. Proceedings:2006,663-669.
[16]Hemmati. H, Ranjbar. A, Niamanesh. M, Jalili. R. A model to support context-aware servicemigration in pervasive computing environments[C],9TH World Multi-conference on Systemics.Cybernetics and Informatics,2005,3:394-399.
[17]Vallee M, Ramparany F, Vercouter L. Flexible composition of smart device services[C],Proceedings of the2005International Conference on Pervasive Systems and Computing,2005,165-171.
[18]http://oxygen.lcs.mit.edu.
[19]Garlan D, Siewiorek D, Smailagic A, Steenkiste. Project Aura: Toward distraction-free oervasivecomputing[J], IEEE Pervasive Computing,2002,April-June,22-31.
[20]http://media.cs.tsinghua.edu.cn/~pervasive/.
[21]http://endeavour.cs.berkeley.edu.
[22]http://portolano.cs.washington.edu.
[23]NISHIDE T, YONEYAMA K, OHTA K. Attribute based encryption with partially hiddenencryptor-specified access structure[C]. ACNS2008, LNCS5037. Berlin: Springer-Verlag,2008:111-129.
[24]Brumitt B, Meyers B, Krumm J, Kern A, Shafer A. EasyLiving: Technologies for intelligentenvironments[C]. In proceedings of Second International Symposium on Handheld and UbiquitousComputing. Bristol, UK, Springer Verlag,2000:12-29.
[25]Liu Z, Peng D. A security-supportive middleware architecture for pervasive computing[C],2ndIEEE International Symposium on Dependable, Autonomic and Secure Computing.2006:8
[26]Campbell R, Al-Muhtadi J, Naldurg P, Sampemane G, Mickunas MD. Towards security andprivacy for pervasive computing, Software Security-Theories and Systems[C]. InternationalSymposium, ISSS2002. LNCS,2003,2609:1-15.
[27]Stajano F. Security in pervasive computing[C]. First International Conference. LNCS,2004,2802:6-8.
[28]Zhu H, Li T. WiPSec: security service architecture for wireless pervasive computations[C], IEEE60th Vehicular Technology Conference. VTC2004-Fall,2004,5,3244-3248.
[29]GOYAL V, JAIN A, PANDEY O, et al. Bounded ciphertext policy attribute based encryption[C].ICALP2008, LNCS5126. Berlin: Springer-Verlag,2008:579-591.
[30]Basu J, Callaghan V. Towards a trust based approach to security and user confidence in pervasivecomputing systems[C]. IEEE Seminar on Intelligent Building Environments,2005,223-229.
[31]Bussard L, Roudier Y, Molva R. Untraceable secret credentials: Trust establishment withprivacy[C], Second IEEE Annual Conference on Pervasive Computing and Communications.PerCom,2004:122-126.
[32]Bicakci K, Baykal N. SAOTS: a new efficient server assisted signature scheme for pervasivecomputing, Security in Pervasive Computing. First International Conference. LNCS,2004,2802:187-200.
[33]Seys S, P Bart. Efficient cooperative signatures: A novel authentication scheme for sensornetworks[C]. Security in Pervasive Computing-Second International Conference, LNCS,2005,3450:86-100.
[34]Wishart R, Indulska J, Portmann M, Sutton P. Context-enhanced authentication forinfrastructureless network environments, Ubiquitous Intelligence and Computing[C]. ThirdInternational Conference. LNCS,2006,4159:924-935.
[35]郭亚军,李蓉.普适计算的访问控制研究[J].华中示范大学学报(自然科学版).2006,40(4):504-506.
[36]郭承霞,朱锡海,曹奇英.移动IPv6——普适计算的无缝安全策略[J],计算机应用研究.2006,4:118-120.
[37]郭亚军,洪帆,叶俊民,邱珊珊,宋建华,洪亮.普适计算的信任认证[J].计算机科学.2006,33(8):92-94.
[38]郭亚军,洪帆.基于信任的普适计算安全机制[J].计算机工程,2006,32(8):168-169.
[39]王益涵,陶莉,曹奇英.普适计算中信任模型的研究[J].计算机应用研究.2006,1:122-124.
[40]Lin H, Cao ZF, Liang XH, Shao J.Secure threshold multi authority attribute based encryptionwithout a central authority[J]. Information Sciences,2010,180(13):2618–2632.
[41]Wang F,Zhou YS, Gu LZ,Zheng SH,YANG YX. Multi-policy threshold signature withdistinguished signing authorities[J]. The Journal of China Universities of Posts andTelecommunications,2011,18(1):113–120.
[42]SIAMAK F S, REIHAEH S N. Threshold attribute based signatures and their application toanonymous credential systens[C]. AFRICACRYPT2009, LNCS5580. Berlin: Springer-Verlag,2009:198-216.
[43]Chai ZC, Cao ZF, Lu RX.Threshold password authentication against guessing attacks in Ad hocnetworks[J]. Ad Hoc Networks,2007,5(7):1046–1054.
[44] Nuttapong A, Javier H, Fabien L, Beno t L.Attribute-based encryption schemes withconstant-size ciphertexts[J]. Theoretical Computer Science,2012,422(9):15-38.
[45]Yu S, Ren K, Lou W. Attribute-based on-demand multicast group setup with membershipanonymity[J]. Computer Networks,2010,54(3):377-386.
[46]Wang G, Liu Q, Wu J, Guo M. Hierarchical attribute-based encryption and scalable userrevocation for sharing data in cloud servers[J]. Computers&Security,2011,30(5):320-331.
[47]苏金树,曹丹,王小峰等.属性基加密机制.软件学报2011,22(6):1299-1315.
[48]Zeng S, Jiang S, Qin Z. An efficient conditionally anonymous ring signature in the random oraclemodel[J]. Theoretical Computer Science,2012,461(23):106-114.
[49]Yu Y, Xu C, Huang X, Mu Y.An efficient anonymous proxy signature scheme with provablesecurity[J]. Computer Standards&Interfaces,2009,31(2):348-353.
[50]Hwang JY, Lee S, Chung BH,Cho YS, Nyang DH.Group signatures with controllable linkabilityfor dynamic membership[J]. Information Sciences,2013,222(10):761-778.
[51]Huang Q, Wong DS, Susilo W.Group-oriented fair exchange of signatures[J]. InformationSciences,2011,181(16):3267-3283.
[52] Donga Y, Suic AF, Yiub SM. Author Vitae Providing distributed certificate authority service incluster-based mobile ad hoc networks[J]. Computer Communications,2007,30(11–12):2442–2452.
[53]Lee YK,Lee DG,Han JW,Kim TH. Home Network Device Authentication: Device AuthenticationFramework and Device Certificate Profile[J]. The Computer Journal,2009,52(8):871-877.
[54]Khan MK,Kim SK, Alghathbara K. Cryptanalysis and security enhancement of a ‘more efficient&secure dynamic ID-based remote user authentication scheme[J]. The Computer Journal,2010,53(7):1062-1070.
[55]Shamir A. How to share a secret[C]. Communications of the ACM,1979,22(11):612-613.
[56]G R Blaklay. Safeguarding Cryptographic Keys[C]. Proceedings of National ComputerConference, American Federation of Information Processing Societies,1979,48:313-317.
[57]Brickell E F. Some ideal secret sharing schemes[C]. Advanced in Cryptology-EUROCRYPT’89Proceedings. Berlin: Springer Verlag,1990:468-475.
[58] Sedlak H. The RSA cryptography processor[C]. Advances in Cryptology-EUROCRYPT '87.Workshop on the Theory and Application of Cryptographic Techniques. Proceedings,1988:95-105.
[59]Qi M, Xiao GZ. Enhancing the security of generalized ELGamal type signature schemes[J], ActaElectronica Sinica,1996,24(11):68-72.
[60]Koblitz N. Elliptic curve cryptosystems[J]. Mathematics of Computation,1987,48:203-209.
[61]Miller V. Uses of elliptic curves in cryptography[C], Advances in Cryptology CRYPTO’85,Lecture Notes in Computer Science,1986:417-426.
[62]Cjow SSM, Hui LCK, Yiu SM. Identity based threshold ring signature[C]. Information Securityand Cryptology-ICISC2004.7th International Conference. LNCS,2004,3506:218-32.
[63]Jun F, Shoko Y. Group signatures with separate and distributed authorities[C]. Security inCommunication Networks-4th International Conference, LNCS,2004,3352:77-90.
[64]Chang YF, Chang CC, Huang HF. Digital signature with message recovery using self-certifiedpublic keys without trustworthy system authority[J]. Applied Mathematics andComputation,2005,161(4):211-227.
[65]Naor M, Pinkas B, Reingold O. Distributed pseudo-random functions and KDCs[C]. LNCS,1999:327-346.
[66]Daza V, Herranz J, Padro C. A distributed and computationally secure key distribution scheme[C],LNCS,2002,2433:342-356.
[67]Uriel F, Amos F, Adi S. Zero knowledge proofs of identity[C]. In Proceedings of the19th ACMSymp on Theory of Computing,1987:210-217.
[68]Fiat A,Shamir A. How to Prove Yourself: Practical Solutins of Identification and SignatureProblems[C]. Advances in Cryptology CRYPTO’86Proceedings, Springer-Verlag,1987:186-194.
[69]Fiat A,Shamir A. Unforgeable Proofs of Identity[C]. Proceedings of Securicom87, Paris,1987:147-153.
[70]Zhang JH. Linkability analysis of some blind signature schemes[C], International conference oncomputation intelligence and security.Proceedings,2006:367-1370.
[71]ZHENG Y. Digital signcryption or how to achieve cost (signature&encryption)< [72]刘佳,王建东,庄毅.基于矢量空间的模糊属性认证方案[J].计算机工程与应用,2012,48(19):4-7.
[73]陈伟冬,冯登国.签密方案在分布式协议中的应用[J].软件学报,2005,28(9):1421-1429.
[74]MANHO A, TSANG P P,SUSILO WILLY, et al. Dynamic universal accumulators for DDHgroups and their application to attribute based anonymous credential systems[C]. CT-RSA2009,LNCS5473. Berlin: Springer-Verlag,2009:1042-1045.
[75]Wang Y, Vassileva J. Tmst and Reputation Model in Peer-to-Peer Networks[C]. ThirdInternational Conference on Peer-to-Peer Computing(P2P103),2003:1-3.
[76]许春香,傅晓彤,肖国镇.矢量空间RSA数字签名方案[J].通信学报,2003,24(6):69-74.
[77]XU CX, CHEN K, XIAO GZ. A secure vector space secret sharing scheme[J]. Chinese of JournalElectronics.2002,30(5):715-718.
[78]MA CB, HE DK. A new chameleon threshold signature based on bilinear pairing[J]. Joural ofComputer Research and Development.2005,42(8):1427-1430.
[79]PANG LJ, PEI QQ, JIAO LC. An ID-Based Threshold Muti-Secret Sharing Scheme[J]. Journal ofSoftware.2008,19(10):2739-2745.
[80] HORSTER P, MICHELS M, PETERSEN H. Authenticated encryption schemes with lowcommunica-tion costs[J]. Electronics Letters.1994,30(15):1230-1231.
[81]Marti S. Taxonomy of trust: Categorizing P2P reputation systems[J]. Computer Networks,2006,50(4):472–484.
[82]Jusang A,Ismail R,Boyd C. A survey of trust and reputation systems for online serviceprovision[J]. Decision Support Systems,2007,43(2):618–644.
[83]Ramchurn SD, Huynh D, Jennings NR. Trust in multi-agent systems[J]. The KnowledgeEngineering Review,2004,19(01):1–25.
[84]Blaze M, Feigenbaum J, Ioannidis J,Keromytis A. The role of trust management in distributedsystems security[J]. Secure Internet Programming,1999:185–210.
[85]Diffie W,Hellman M.New directions in cryptography[J]. Information Theory, IEEETransactions,1976,22(6):644–654.
[86]CAMPBELL R,Al-MUHTADI J,NALDURG P. Towards security and privacy for pervasivecomputing[C]. Proceedings of International Symposium on Software Security, Berlin:Springer-Verlag,2002:1-15.
[87]Taher E. A public key cryptosystem and a signature scheme based on discrete logarithms[C]. InProceedings of CRYPTO84on Advances in cryptology, New York,1985.Springer-Verlag:10-18.
[88]卢开澄.计算机密码学[M].北京:清华大学出版社,2003:42-65.
[89]WANG HAO, XU QIU-LIANG, BAN TAO. A provably secure two-party attribute-based keyagreement protocol[C]. RITSUMEI K. The Fifth International Conference on Intelligent InformationHiding and Multimedia Signal Processing. Tokey: IEEE Computer Society,2009:1042-1045.
[90]REN Yong-jun, WANG Jian-dong, ZHUANG YI, et al. Attribute-based authenticated keyagreement protocol[J]. Journal of Lanzhou University(Natural Sciences),2010,46(2):103-110.
[91]Mark W. The computer for the twenty-first century[J]. Scientific American,1991,265(3):94–104.
[92]刘佳.基于秘密共享方案的高容错性PKI模型的研究与应用[D].南京:南京航空航天大学,2004.
[93]Carl M. Establishing Identity Without Certification Authorities[C]. roceedings of the6thUSENIXSecurity Symposium, San Jose, CA, USA,1996:67-76.
[94]IETF. Simple public key infrastructure[S].February2001.
[95]WANG HAO, XU Qiu-liang, FU XIU. Revocable attribute-based key agreement protocol in thestandard model[J]. Joural of Networks,2009,8(1):787-794.
[96]BETHENCOURT J, SAHAI A, WATER B. Ciphertext-policy attribute based encryption. In: IEEESymposium on Security and Privacy, IEEE Computer Society(2007):321-334.
[97]张秋璞;叶顶锋.对一个基于身份的多重签密方案的分析和改进[J].电子学报2011,39(12):2713-2720.
[98]SUN Yinxia, LI Hui. ID-based Signcryption KEM to Multiple Recipients[J]. CJE2011Vol.20:317-322.
[99] Boneh D, Franklin M. Identity-Based encryption from the weil pairing[C]. Advances inCryptology-CRYPTO2001.LNCS2139, Berlin, Heidelberg: Springer-Verlag,2001.213229.
[100]PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems[C]. In ACMconference on Communications Security(ACMCCS), New York: ACM,2006:99-112.
[101]马春波,何大可.基于双线性映射的卡梅隆门限签名方案[J].计算机研究与发展,2005,42(8):1427-1430.
[102] Lewko A, Sahai A, Waters B. Revocation systems with very small private keys[C]. Proceedingsof the IEEE Symp on Security and Privacy. Washington: IEEE Computer Society,2010:273285.
[103] Shamir A. Identity-Based cryptosystems and signature schemes[C]. Advances in Cryptology-CRYPTO’84. Berlin, Heidelberg: Springer-Verlag,1984.4753.
[104] Nishide T, Yoneyama K, Ohta K. Attribute-Based encryption with partially hiddenencryptor-specified access structures[C]. Bellovin SM, Gennaro R, Keromytis A, Yung M, eds. Proc.of the Applied Cryptography and Network Security. Berlin, Heidelberg:Springer-Verlag,2008.111129.
[105] Fiat A, Naor M. Broadcast encryption[C]. Advances in Cryptology-CRYPTO’93. Berlin,Heidelberg: Springer-Verlag,1994.480491.
[106] Naor D, Naor M, Lotspiech J. Revocation and tracing schemes for stateless receivers[C]. KilianJ, ed. Advances in Cryptology-CRYPTO2001. Berlin, Heidelberg: Springer-Verlag,2001.4162.
[107] Boneh D, Gentry C, Waters B. Collusion resistant broadcast encryption with short ciphertextsand private keys[C]. Advances in Crytology-CRYPTO2005. Berlin, Heidelberg: Springer-Verlag,2005.258275.
[108] Sahai A, Waters B. Fuzzy identity-based encryption[C]. Advances in Cryptology-EUROCRYPT2005. Berlin,Heidelberg: Springer-Verlag,2005.457473.
[109]刘佳,庄毅,王建东.基于矢量空间的安全分布式签密方案.通信学报,2009,30(9):83-88.
[110]OostVeen AM,Besselaar P. Trust,Identity,and the Effects of Voting Technologies on VotingBehavior[J],Social Science Computer Review,2005,23(3):304-311.
[111]Herrmann K,Jaeger MA,PAYFLUX一Secure Electronic Payment in Mobile Ad HocNetworks[C]. Information and Communications Security.6thInternational Conference,ICICS2004.Proceedings. pp.66-78.
[112] BRICKELL E F. Some ideal secret sharing schemes[C]. Advanced in Cryptology-EUROCRYPT’89Proceedings. Berlin: Springer Verlag,1990.468-475.
[113] D. Khader, Attribute based group signatures[EB/OL]. http://eprint.iacr.org/2007/159,2007.
[114] Kiayias A, Zhou HS. Hidden identity-based signatures[C]. LNCS,2007,4886:134–147.
[115] Rivest RL, Shamir A, Tauman Y. How to leak a secret[C]. ASIACRYPT’01, LNCS,2001,2248:552–565.
[116]Bresson E, Stern J, Szydlo M. Threshold ring signatures and applications to ad-hoc groups[J].CRYPTO’02, LNCS,2002,2442:465–480.
[117] Chow S, Yiu S, Hui L. Efficient identity based ring signature[C]. ACNS’05, LNCS,2005,3531:499–512.
[118]Li J, Chen X, Yuen TH, Wang Y. Proxy ring signature: formal definitions, efficient constructionand new variant[C], CIS’06, LNCS,2007,4456:545–555.
[119]Shacham H,Waters B. Efficient ring signatures without random oracles[C]. PKC’07, LNCS,2007,4450:166–180.
[120]Chase M. Multi-authority attribute based encryption[C], TCC’07, LNCS,2007,4392:515–534.
[121]HORSTER P, MICHELS M, PETERSEN H. Authenticated encryption schemes with lowcommunica-tion costs[J]. Electronics Letters.1994,30(15):1230-1231.
[122]GENNARO R, JARECKI S, KRAWCZYK H. The security of distributed key generation inlog-based cryptosystems[C]. Advances in Cryptology-Eurocrypt’99. LNCS1592. Berlin:Springer-Verlag,1999.295-310.
[123]GOHEU J, JARECKI S. A signature scheme as secure as the Diffie-Hellman problem[C].Advances in Cryptology-EUROCRYPT2003. LNCS2656. Berlin: Springer-Verlag,2003.401-415.
[124]PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems[C]. ACMconference on Communications Security(ACMCCS), New York: ACM,2006:99-112.
[125] B. Lynn.Pbc library[EB/OL], http://crypto.stanford.edu/pbc.2009
[126]李世群.普适计算中的安全问题研究[D].上海:上海交通大学博士论文,2007
[127]周炜.基于博弈论的普适计算信任模型的安全问题研究[D].青岛:中国海洋大学博士论文,2011
[2]Dertouzos M. The future of computing[J]. Scientific American,1999,282(3):52-63.
[3]Zhang J, Mao J. A novel id-based designated verifier signature scheme[J]. Information Sciences,2008,178(3),766–773.
[4]Hu CJ, Zhang QF, Wu FL. An improved Authenticated (t, n) ECC Threshold Signature EncryptionScheme based on ECC[C]. Proceedings of2006international conference on machine learning andcybernetics,2006:2674-2678.
[5]Wei VK, Yuen T, Zhang F. Group signature where group manager, members and Open Authorityare identity-based[C]. Information Security and Privacy:10th Australasian Conference. Lecture Notesin Computer Science,2005:468-480.
[6]Huang Z, Hao Y, Wang Y. Authorized group signature[J]. Acta Electronica Sinica,2004(32):774-7.
[7]Lee HK, Design of modified CGA for address auto-configuration and digital signature inhierarchical mobile ad-hoc network, LECT Notes Computer Science3961:217-226,2006
[8][1]SAHAI A, WATERS B. Fuzzy ideneity-based encryption[C]. EUROCRYPT2005, LNCS3494.Berlin: Springer-Verlag,2005:457-473.
[9]Jong YC, Golle P, Jakobsson M. Tamper-evident digital signatures: protecting certificationauthorities against malware[C]. The2nd IEEE International Symposium on Dependable, Autonomicand Secure Computing.2006:8.
[10]Kim BM. Disadter coverable PKI model utilizing the existing OKI structure[C].Berlin:Spring-Verlag, LNCS2006,4277:537-545.
[11]Wolfe.ST, Ahamed. SI, Zulkernine. M. A trust framework for pervasive computingenvironments[C]. IEEE International Conference on Computer Systems and Applications,2006,1-3:312-319.
[12]徐光祐,史元春,谢伟凯.普适计算[J].计算机学报,2003,26(9):1024-1050.
[13]Rosenthal L, Stanford V. NIST smart space: pervasive computing initiative[C]. IEEE9thInternational Workshops on Enabling Technologie. Infrastructure for Collaborative EnterprisesProceedings,2000,6-11.
[14]Teller A. A platform for wearable physiological computing[J]. Interacting with Computers,2004,16(5):917-937.
[15]Yang. YP, Williams. MH, Pooley. R, Dewar. R.. Context-aware personalization in pervasivecommunications[C], IEEE International Conference on E-Business Engineering. Proceedings:2006,663-669.
[16]Hemmati. H, Ranjbar. A, Niamanesh. M, Jalili. R. A model to support context-aware servicemigration in pervasive computing environments[C],9TH World Multi-conference on Systemics.Cybernetics and Informatics,2005,3:394-399.
[17]Vallee M, Ramparany F, Vercouter L. Flexible composition of smart device services[C],Proceedings of the2005International Conference on Pervasive Systems and Computing,2005,165-171.
[18]http://oxygen.lcs.mit.edu.
[19]Garlan D, Siewiorek D, Smailagic A, Steenkiste. Project Aura: Toward distraction-free oervasivecomputing[J], IEEE Pervasive Computing,2002,April-June,22-31.
[20]http://media.cs.tsinghua.edu.cn/~pervasive/.
[21]http://endeavour.cs.berkeley.edu.
[22]http://portolano.cs.washington.edu.
[23]NISHIDE T, YONEYAMA K, OHTA K. Attribute based encryption with partially hiddenencryptor-specified access structure[C]. ACNS2008, LNCS5037. Berlin: Springer-Verlag,2008:111-129.
[24]Brumitt B, Meyers B, Krumm J, Kern A, Shafer A. EasyLiving: Technologies for intelligentenvironments[C]. In proceedings of Second International Symposium on Handheld and UbiquitousComputing. Bristol, UK, Springer Verlag,2000:12-29.
[25]Liu Z, Peng D. A security-supportive middleware architecture for pervasive computing[C],2ndIEEE International Symposium on Dependable, Autonomic and Secure Computing.2006:8
[26]Campbell R, Al-Muhtadi J, Naldurg P, Sampemane G, Mickunas MD. Towards security andprivacy for pervasive computing, Software Security-Theories and Systems[C]. InternationalSymposium, ISSS2002. LNCS,2003,2609:1-15.
[27]Stajano F. Security in pervasive computing[C]. First International Conference. LNCS,2004,2802:6-8.
[28]Zhu H, Li T. WiPSec: security service architecture for wireless pervasive computations[C], IEEE60th Vehicular Technology Conference. VTC2004-Fall,2004,5,3244-3248.
[29]GOYAL V, JAIN A, PANDEY O, et al. Bounded ciphertext policy attribute based encryption[C].ICALP2008, LNCS5126. Berlin: Springer-Verlag,2008:579-591.
[30]Basu J, Callaghan V. Towards a trust based approach to security and user confidence in pervasivecomputing systems[C]. IEEE Seminar on Intelligent Building Environments,2005,223-229.
[31]Bussard L, Roudier Y, Molva R. Untraceable secret credentials: Trust establishment withprivacy[C], Second IEEE Annual Conference on Pervasive Computing and Communications.PerCom,2004:122-126.
[32]Bicakci K, Baykal N. SAOTS: a new efficient server assisted signature scheme for pervasivecomputing, Security in Pervasive Computing. First International Conference. LNCS,2004,2802:187-200.
[33]Seys S, P Bart. Efficient cooperative signatures: A novel authentication scheme for sensornetworks[C]. Security in Pervasive Computing-Second International Conference, LNCS,2005,3450:86-100.
[34]Wishart R, Indulska J, Portmann M, Sutton P. Context-enhanced authentication forinfrastructureless network environments, Ubiquitous Intelligence and Computing[C]. ThirdInternational Conference. LNCS,2006,4159:924-935.
[35]郭亚军,李蓉.普适计算的访问控制研究[J].华中示范大学学报(自然科学版).2006,40(4):504-506.
[36]郭承霞,朱锡海,曹奇英.移动IPv6——普适计算的无缝安全策略[J],计算机应用研究.2006,4:118-120.
[37]郭亚军,洪帆,叶俊民,邱珊珊,宋建华,洪亮.普适计算的信任认证[J].计算机科学.2006,33(8):92-94.
[38]郭亚军,洪帆.基于信任的普适计算安全机制[J].计算机工程,2006,32(8):168-169.
[39]王益涵,陶莉,曹奇英.普适计算中信任模型的研究[J].计算机应用研究.2006,1:122-124.
[40]Lin H, Cao ZF, Liang XH, Shao J.Secure threshold multi authority attribute based encryptionwithout a central authority[J]. Information Sciences,2010,180(13):2618–2632.
[41]Wang F,Zhou YS, Gu LZ,Zheng SH,YANG YX. Multi-policy threshold signature withdistinguished signing authorities[J]. The Journal of China Universities of Posts andTelecommunications,2011,18(1):113–120.
[42]SIAMAK F S, REIHAEH S N. Threshold attribute based signatures and their application toanonymous credential systens[C]. AFRICACRYPT2009, LNCS5580. Berlin: Springer-Verlag,2009:198-216.
[43]Chai ZC, Cao ZF, Lu RX.Threshold password authentication against guessing attacks in Ad hocnetworks[J]. Ad Hoc Networks,2007,5(7):1046–1054.
[44] Nuttapong A, Javier H, Fabien L, Beno t L.Attribute-based encryption schemes withconstant-size ciphertexts[J]. Theoretical Computer Science,2012,422(9):15-38.
[45]Yu S, Ren K, Lou W. Attribute-based on-demand multicast group setup with membershipanonymity[J]. Computer Networks,2010,54(3):377-386.
[46]Wang G, Liu Q, Wu J, Guo M. Hierarchical attribute-based encryption and scalable userrevocation for sharing data in cloud servers[J]. Computers&Security,2011,30(5):320-331.
[47]苏金树,曹丹,王小峰等.属性基加密机制.软件学报2011,22(6):1299-1315.
[48]Zeng S, Jiang S, Qin Z. An efficient conditionally anonymous ring signature in the random oraclemodel[J]. Theoretical Computer Science,2012,461(23):106-114.
[49]Yu Y, Xu C, Huang X, Mu Y.An efficient anonymous proxy signature scheme with provablesecurity[J]. Computer Standards&Interfaces,2009,31(2):348-353.
[50]Hwang JY, Lee S, Chung BH,Cho YS, Nyang DH.Group signatures with controllable linkabilityfor dynamic membership[J]. Information Sciences,2013,222(10):761-778.
[51]Huang Q, Wong DS, Susilo W.Group-oriented fair exchange of signatures[J]. InformationSciences,2011,181(16):3267-3283.
[52] Donga Y, Suic AF, Yiub SM. Author Vitae Providing distributed certificate authority service incluster-based mobile ad hoc networks[J]. Computer Communications,2007,30(11–12):2442–2452.
[53]Lee YK,Lee DG,Han JW,Kim TH. Home Network Device Authentication: Device AuthenticationFramework and Device Certificate Profile[J]. The Computer Journal,2009,52(8):871-877.
[54]Khan MK,Kim SK, Alghathbara K. Cryptanalysis and security enhancement of a ‘more efficient&secure dynamic ID-based remote user authentication scheme[J]. The Computer Journal,2010,53(7):1062-1070.
[55]Shamir A. How to share a secret[C]. Communications of the ACM,1979,22(11):612-613.
[56]G R Blaklay. Safeguarding Cryptographic Keys[C]. Proceedings of National ComputerConference, American Federation of Information Processing Societies,1979,48:313-317.
[57]Brickell E F. Some ideal secret sharing schemes[C]. Advanced in Cryptology-EUROCRYPT’89Proceedings. Berlin: Springer Verlag,1990:468-475.
[58] Sedlak H. The RSA cryptography processor[C]. Advances in Cryptology-EUROCRYPT '87.Workshop on the Theory and Application of Cryptographic Techniques. Proceedings,1988:95-105.
[59]Qi M, Xiao GZ. Enhancing the security of generalized ELGamal type signature schemes[J], ActaElectronica Sinica,1996,24(11):68-72.
[60]Koblitz N. Elliptic curve cryptosystems[J]. Mathematics of Computation,1987,48:203-209.
[61]Miller V. Uses of elliptic curves in cryptography[C], Advances in Cryptology CRYPTO’85,Lecture Notes in Computer Science,1986:417-426.
[62]Cjow SSM, Hui LCK, Yiu SM. Identity based threshold ring signature[C]. Information Securityand Cryptology-ICISC2004.7th International Conference. LNCS,2004,3506:218-32.
[63]Jun F, Shoko Y. Group signatures with separate and distributed authorities[C]. Security inCommunication Networks-4th International Conference, LNCS,2004,3352:77-90.
[64]Chang YF, Chang CC, Huang HF. Digital signature with message recovery using self-certifiedpublic keys without trustworthy system authority[J]. Applied Mathematics andComputation,2005,161(4):211-227.
[65]Naor M, Pinkas B, Reingold O. Distributed pseudo-random functions and KDCs[C]. LNCS,1999:327-346.
[66]Daza V, Herranz J, Padro C. A distributed and computationally secure key distribution scheme[C],LNCS,2002,2433:342-356.
[67]Uriel F, Amos F, Adi S. Zero knowledge proofs of identity[C]. In Proceedings of the19th ACMSymp on Theory of Computing,1987:210-217.
[68]Fiat A,Shamir A. How to Prove Yourself: Practical Solutins of Identification and SignatureProblems[C]. Advances in Cryptology CRYPTO’86Proceedings, Springer-Verlag,1987:186-194.
[69]Fiat A,Shamir A. Unforgeable Proofs of Identity[C]. Proceedings of Securicom87, Paris,1987:147-153.
[70]Zhang JH. Linkability analysis of some blind signature schemes[C], International conference oncomputation intelligence and security.Proceedings,2006:367-1370.
[71]ZHENG Y. Digital signcryption or how to achieve cost (signature&encryption)<
[73]陈伟冬,冯登国.签密方案在分布式协议中的应用[J].软件学报,2005,28(9):1421-1429.
[74]MANHO A, TSANG P P,SUSILO WILLY, et al. Dynamic universal accumulators for DDHgroups and their application to attribute based anonymous credential systems[C]. CT-RSA2009,LNCS5473. Berlin: Springer-Verlag,2009:1042-1045.
[75]Wang Y, Vassileva J. Tmst and Reputation Model in Peer-to-Peer Networks[C]. ThirdInternational Conference on Peer-to-Peer Computing(P2P103),2003:1-3.
[76]许春香,傅晓彤,肖国镇.矢量空间RSA数字签名方案[J].通信学报,2003,24(6):69-74.
[77]XU CX, CHEN K, XIAO GZ. A secure vector space secret sharing scheme[J]. Chinese of JournalElectronics.2002,30(5):715-718.
[78]MA CB, HE DK. A new chameleon threshold signature based on bilinear pairing[J]. Joural ofComputer Research and Development.2005,42(8):1427-1430.
[79]PANG LJ, PEI QQ, JIAO LC. An ID-Based Threshold Muti-Secret Sharing Scheme[J]. Journal ofSoftware.2008,19(10):2739-2745.
[80] HORSTER P, MICHELS M, PETERSEN H. Authenticated encryption schemes with lowcommunica-tion costs[J]. Electronics Letters.1994,30(15):1230-1231.
[81]Marti S. Taxonomy of trust: Categorizing P2P reputation systems[J]. Computer Networks,2006,50(4):472–484.
[82]Jusang A,Ismail R,Boyd C. A survey of trust and reputation systems for online serviceprovision[J]. Decision Support Systems,2007,43(2):618–644.
[83]Ramchurn SD, Huynh D, Jennings NR. Trust in multi-agent systems[J]. The KnowledgeEngineering Review,2004,19(01):1–25.
[84]Blaze M, Feigenbaum J, Ioannidis J,Keromytis A. The role of trust management in distributedsystems security[J]. Secure Internet Programming,1999:185–210.
[85]Diffie W,Hellman M.New directions in cryptography[J]. Information Theory, IEEETransactions,1976,22(6):644–654.
[86]CAMPBELL R,Al-MUHTADI J,NALDURG P. Towards security and privacy for pervasivecomputing[C]. Proceedings of International Symposium on Software Security, Berlin:Springer-Verlag,2002:1-15.
[87]Taher E. A public key cryptosystem and a signature scheme based on discrete logarithms[C]. InProceedings of CRYPTO84on Advances in cryptology, New York,1985.Springer-Verlag:10-18.
[88]卢开澄.计算机密码学[M].北京:清华大学出版社,2003:42-65.
[89]WANG HAO, XU QIU-LIANG, BAN TAO. A provably secure two-party attribute-based keyagreement protocol[C]. RITSUMEI K. The Fifth International Conference on Intelligent InformationHiding and Multimedia Signal Processing. Tokey: IEEE Computer Society,2009:1042-1045.
[90]REN Yong-jun, WANG Jian-dong, ZHUANG YI, et al. Attribute-based authenticated keyagreement protocol[J]. Journal of Lanzhou University(Natural Sciences),2010,46(2):103-110.
[91]Mark W. The computer for the twenty-first century[J]. Scientific American,1991,265(3):94–104.
[92]刘佳.基于秘密共享方案的高容错性PKI模型的研究与应用[D].南京:南京航空航天大学,2004.
[93]Carl M. Establishing Identity Without Certification Authorities[C]. roceedings of the6thUSENIXSecurity Symposium, San Jose, CA, USA,1996:67-76.
[94]IETF. Simple public key infrastructure[S].February2001.
[95]WANG HAO, XU Qiu-liang, FU XIU. Revocable attribute-based key agreement protocol in thestandard model[J]. Joural of Networks,2009,8(1):787-794.
[96]BETHENCOURT J, SAHAI A, WATER B. Ciphertext-policy attribute based encryption. In: IEEESymposium on Security and Privacy, IEEE Computer Society(2007):321-334.
[97]张秋璞;叶顶锋.对一个基于身份的多重签密方案的分析和改进[J].电子学报2011,39(12):2713-2720.
[98]SUN Yinxia, LI Hui. ID-based Signcryption KEM to Multiple Recipients[J]. CJE2011Vol.20:317-322.
[99] Boneh D, Franklin M. Identity-Based encryption from the weil pairing[C]. Advances inCryptology-CRYPTO2001.LNCS2139, Berlin, Heidelberg: Springer-Verlag,2001.213229.
[100]PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems[C]. In ACMconference on Communications Security(ACMCCS), New York: ACM,2006:99-112.
[101]马春波,何大可.基于双线性映射的卡梅隆门限签名方案[J].计算机研究与发展,2005,42(8):1427-1430.
[102] Lewko A, Sahai A, Waters B. Revocation systems with very small private keys[C]. Proceedingsof the IEEE Symp on Security and Privacy. Washington: IEEE Computer Society,2010:273285.
[103] Shamir A. Identity-Based cryptosystems and signature schemes[C]. Advances in Cryptology-CRYPTO’84. Berlin, Heidelberg: Springer-Verlag,1984.4753.
[104] Nishide T, Yoneyama K, Ohta K. Attribute-Based encryption with partially hiddenencryptor-specified access structures[C]. Bellovin SM, Gennaro R, Keromytis A, Yung M, eds. Proc.of the Applied Cryptography and Network Security. Berlin, Heidelberg:Springer-Verlag,2008.111129.
[105] Fiat A, Naor M. Broadcast encryption[C]. Advances in Cryptology-CRYPTO’93. Berlin,Heidelberg: Springer-Verlag,1994.480491.
[106] Naor D, Naor M, Lotspiech J. Revocation and tracing schemes for stateless receivers[C]. KilianJ, ed. Advances in Cryptology-CRYPTO2001. Berlin, Heidelberg: Springer-Verlag,2001.4162.
[107] Boneh D, Gentry C, Waters B. Collusion resistant broadcast encryption with short ciphertextsand private keys[C]. Advances in Crytology-CRYPTO2005. Berlin, Heidelberg: Springer-Verlag,2005.258275.
[108] Sahai A, Waters B. Fuzzy identity-based encryption[C]. Advances in Cryptology-EUROCRYPT2005. Berlin,Heidelberg: Springer-Verlag,2005.457473.
[109]刘佳,庄毅,王建东.基于矢量空间的安全分布式签密方案.通信学报,2009,30(9):83-88.
[110]OostVeen AM,Besselaar P. Trust,Identity,and the Effects of Voting Technologies on VotingBehavior[J],Social Science Computer Review,2005,23(3):304-311.
[111]Herrmann K,Jaeger MA,PAYFLUX一Secure Electronic Payment in Mobile Ad HocNetworks[C]. Information and Communications Security.6thInternational Conference,ICICS2004.Proceedings. pp.66-78.
[112] BRICKELL E F. Some ideal secret sharing schemes[C]. Advanced in Cryptology-EUROCRYPT’89Proceedings. Berlin: Springer Verlag,1990.468-475.
[113] D. Khader, Attribute based group signatures[EB/OL]. http://eprint.iacr.org/2007/159,2007.
[114] Kiayias A, Zhou HS. Hidden identity-based signatures[C]. LNCS,2007,4886:134–147.
[115] Rivest RL, Shamir A, Tauman Y. How to leak a secret[C]. ASIACRYPT’01, LNCS,2001,2248:552–565.
[116]Bresson E, Stern J, Szydlo M. Threshold ring signatures and applications to ad-hoc groups[J].CRYPTO’02, LNCS,2002,2442:465–480.
[117] Chow S, Yiu S, Hui L. Efficient identity based ring signature[C]. ACNS’05, LNCS,2005,3531:499–512.
[118]Li J, Chen X, Yuen TH, Wang Y. Proxy ring signature: formal definitions, efficient constructionand new variant[C], CIS’06, LNCS,2007,4456:545–555.
[119]Shacham H,Waters B. Efficient ring signatures without random oracles[C]. PKC’07, LNCS,2007,4450:166–180.
[120]Chase M. Multi-authority attribute based encryption[C], TCC’07, LNCS,2007,4392:515–534.
[121]HORSTER P, MICHELS M, PETERSEN H. Authenticated encryption schemes with lowcommunica-tion costs[J]. Electronics Letters.1994,30(15):1230-1231.
[122]GENNARO R, JARECKI S, KRAWCZYK H. The security of distributed key generation inlog-based cryptosystems[C]. Advances in Cryptology-Eurocrypt’99. LNCS1592. Berlin:Springer-Verlag,1999.295-310.
[123]GOHEU J, JARECKI S. A signature scheme as secure as the Diffie-Hellman problem[C].Advances in Cryptology-EUROCRYPT2003. LNCS2656. Berlin: Springer-Verlag,2003.401-415.
[124]PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems[C]. ACMconference on Communications Security(ACMCCS), New York: ACM,2006:99-112.
[125] B. Lynn.Pbc library[EB/OL], http://crypto.stanford.edu/pbc.2009
[126]李世群.普适计算中的安全问题研究[D].上海:上海交通大学博士论文,2007
[127]周炜.基于博弈论的普适计算信任模型的安全问题研究[D].青岛:中国海洋大学博士论文,2011