可证安全的紧致无证书聚合签密方案
|
摘要
无证书聚合签密不仅可以保证信息传输的机密性和认证性,还可以降低密文的验证和通信开销。分析现有无证书聚合签密方案,发现它们的计算效率普遍较低。该文提出一个紧致的无证书聚合签密方案,方案聚合验证密文信息需要的双线性对个数固定,并且与签密用户个数无关。与已有无证书聚合签密方案相比,新方案减少了双线性对运算个数,提高了聚合验证效率。同时,在随机预言模型下,基于双线性Diffie-Hellman困难问题和计算Diffie-Hellman困难问题,证明方案满足机密性和不可伪造性。
Certificateless aggregate signcryption not only can ensure the confidentiality and authentication of information transmission, but also can reduce the cost of data communication and the verification of ciphertexts.Through analyzing some existing certificateless aggregate signcryption schemes, it is found that their efficiencies are much lower. A provable secure certificateless compact aggregate signcryption scheme is proposed in this paper.In the new scheme, the pairing numbers, not depending on the number of signcryption users, are constant when aggregate ciphertexts are verified. Compared with the existing certificateless aggregate signcryption schemes, the new scheme decreases pairing numbers and raise the efficiency of verification. Moreover, based on the assumption of bilinear Diffie-Hellman and computational Diffie-Hellman, in the random oracle model, it is proved that the new scheme satisfies the properties of confidentiality and unforgeability.
Certificateless aggregate signcryption not only can ensure the confidentiality and authentication of information transmission, but also can reduce the cost of data communication and the verification of ciphertexts.Through analyzing some existing certificateless aggregate signcryption schemes, it is found that their efficiencies are much lower. A provable secure certificateless compact aggregate signcryption scheme is proposed in this paper.In the new scheme, the pairing numbers, not depending on the number of signcryption users, are constant when aggregate ciphertexts are verified. Compared with the existing certificateless aggregate signcryption schemes, the new scheme decreases pairing numbers and raise the efficiency of verification. Moreover, based on the assumption of bilinear Diffie-Hellman and computational Diffie-Hellman, in the random oracle model, it is proved that the new scheme satisfies the properties of confidentiality and unforgeability.
引文
[1]Zheng Yu-liang.Digital signcryption or how to achieve cost(signature&encryption)< [2]Baek J,Steinfeld R,and Zheng Yu-liang.Formal proofs for the security of signcryption[C].Proceedings of the Cryptology-PKC2002,Paris,France,2002:81-98.
[3]Barbosa M and Farshim P.Certificateless signcryption[C].Proceedings of the ASIACCS2008,New York,USA,2008:369-372.
[4]孙银霞,李晖,李小青.无证书体制下的多接收者签密密钥封装机制[J].电子与信息学报,2010,32(9):2249-2252.Sun Yin-xia,Li Hui,and Li Xiao-qing.Certificateless signcryption KEM to multiple recipients[J].Journal of Electronics&Information Technology,2010,32(9):2249-2252.
[5]Weng Jian,Yao Guo-xiang,Robert Deng,et al..Cryptanalysis of a certificateless signcryption scheme in the standard model[J].Information Science,2011,181(3):661-667.
[6]光焱,顾纯祥,祝跃飞,等.一种基于LWE问题的无证书全同态加密体制[J].电子与信息学报,2013,35(4):988-993.Guang Yan,Gu Chun-xiang,Zhu Yue-fei,et al..Certificateless fully homomorphic encryption based on LWE problem[J].Journal of Electronics&Information Technology,2013,35(4):988-993.
[7]Zhou Cai-xue,Zhou Wan,and Dong Xi-wei.Provable Certificateless generalized signcryption scheme[J].Designs,codes and Cryptography,2014,1(2):331-346.
[8]Shi Wen-bo,Kumar N,Gong Peng,et al..Cryptanalysis and improvement of a certificateless signcryption scheme without bilinear pairing[J].Frontiers of Computer Science,2014,8(4):656-666.
[9]Boneh D,Gentry C,Lynn B,et al..Aggregate and verifiably encrypted signatures from bilinear maps[C].Proceedings of the Cryptology–EUROCRYPT2003,Warsaw,Poland,2003:416-432.
[10]明洋,赵祥模,王育民.无证书聚合签名方案[J].电子科技大学学报,2014,43(2):188-193.Ming Yang,Zhao Xiang-mo,and Wang Yu-ming.Certificateless aggregate signature scheme[J].Journal of University of Electronic Science and Technology of China,2014,43(2):188-193.
[11]张玉磊,周冬瑞,李臣意,等.高效的无证书广义指定验证者聚合签名方案[J].通信学报,2015,36(2):2015033.Zhang Yu-lei,Zhou Dong-rui,Li Chen-yi,et al..Certificateless-based efficient aggregate signature scheme with universal designated verifier[J].Journal on Communications,2015,36(2):2015033.
[12]Lu Hai-jun and Xie Qi.An efficient certificateless aggregate signcryption scheme from pairings[C].Proceedings of International Conference on the Electronics,Communications and Control(ICECC),Ningbo,China,IEEE,2011:132-135.
[13]Jiang Yi,Li Jian-ping,and Xiong An-ping.Certificateless aggregate signcryption scheme for wireless sensor network[J].International Journal of Advancements in Computing Technology,2013,5(8):456-463.
[14]张雪枫,魏立线,王绪安.无证书的可公开验证聚合签密方案[J].计算机应用,2013,33(7):1858-1860.Zhang Xue-feng,Wei Li-xian,and Wang Xu-an.Certificateless aggregate signcryption scheme with public verifiability[J].Journal of Computer Applications,2013,33(7):1858-1860.
[15]Eslami Z and Nasrollah P.Certificateless aggregate signcryption:security model and a concrete construction secure in the random oracle model[J].Journal of King Saud University Computer and Information Sciences,2014,26(3):276-286.
[3]Barbosa M and Farshim P.Certificateless signcryption[C].Proceedings of the ASIACCS2008,New York,USA,2008:369-372.
[4]孙银霞,李晖,李小青.无证书体制下的多接收者签密密钥封装机制[J].电子与信息学报,2010,32(9):2249-2252.Sun Yin-xia,Li Hui,and Li Xiao-qing.Certificateless signcryption KEM to multiple recipients[J].Journal of Electronics&Information Technology,2010,32(9):2249-2252.
[5]Weng Jian,Yao Guo-xiang,Robert Deng,et al..Cryptanalysis of a certificateless signcryption scheme in the standard model[J].Information Science,2011,181(3):661-667.
[6]光焱,顾纯祥,祝跃飞,等.一种基于LWE问题的无证书全同态加密体制[J].电子与信息学报,2013,35(4):988-993.Guang Yan,Gu Chun-xiang,Zhu Yue-fei,et al..Certificateless fully homomorphic encryption based on LWE problem[J].Journal of Electronics&Information Technology,2013,35(4):988-993.
[7]Zhou Cai-xue,Zhou Wan,and Dong Xi-wei.Provable Certificateless generalized signcryption scheme[J].Designs,codes and Cryptography,2014,1(2):331-346.
[8]Shi Wen-bo,Kumar N,Gong Peng,et al..Cryptanalysis and improvement of a certificateless signcryption scheme without bilinear pairing[J].Frontiers of Computer Science,2014,8(4):656-666.
[9]Boneh D,Gentry C,Lynn B,et al..Aggregate and verifiably encrypted signatures from bilinear maps[C].Proceedings of the Cryptology–EUROCRYPT2003,Warsaw,Poland,2003:416-432.
[10]明洋,赵祥模,王育民.无证书聚合签名方案[J].电子科技大学学报,2014,43(2):188-193.Ming Yang,Zhao Xiang-mo,and Wang Yu-ming.Certificateless aggregate signature scheme[J].Journal of University of Electronic Science and Technology of China,2014,43(2):188-193.
[11]张玉磊,周冬瑞,李臣意,等.高效的无证书广义指定验证者聚合签名方案[J].通信学报,2015,36(2):2015033.Zhang Yu-lei,Zhou Dong-rui,Li Chen-yi,et al..Certificateless-based efficient aggregate signature scheme with universal designated verifier[J].Journal on Communications,2015,36(2):2015033.
[12]Lu Hai-jun and Xie Qi.An efficient certificateless aggregate signcryption scheme from pairings[C].Proceedings of International Conference on the Electronics,Communications and Control(ICECC),Ningbo,China,IEEE,2011:132-135.
[13]Jiang Yi,Li Jian-ping,and Xiong An-ping.Certificateless aggregate signcryption scheme for wireless sensor network[J].International Journal of Advancements in Computing Technology,2013,5(8):456-463.
[14]张雪枫,魏立线,王绪安.无证书的可公开验证聚合签密方案[J].计算机应用,2013,33(7):1858-1860.Zhang Xue-feng,Wei Li-xian,and Wang Xu-an.Certificateless aggregate signcryption scheme with public verifiability[J].Journal of Computer Applications,2013,33(7):1858-1860.
[15]Eslami Z and Nasrollah P.Certificateless aggregate signcryption:security model and a concrete construction secure in the random oracle model[J].Journal of King Saud University Computer and Information Sciences,2014,26(3):276-286.