改进的可证明安全无证书签名方案

doi:10.13190/j.jbupt.2016.01.021

北京邮电大学学报 ›› 2016, Vol. 39 ›› Issue (1): 112-116.doi: 10.13190/j.jbupt.2016.01.021

改进的可证明安全无证书签名方案

汤永利, 王菲菲, 叶青, 闫玺玺

河南理工大学计算机科学与技术学院, 河南焦作 454000

收稿日期:2016-02-18 出版日期:2016-02-28 发布日期:2016-01-29
作者简介:汤永利(1972-),副教授,E-mail:yltang@hpu.edu.cn.
基金资助:
国家自然科学基金项目(61300216);河南省科技厅项目(152102410048,142300410147);河南省教育厅项目(12A520021,16A520013);河南理工大学博士基金项目(B2013-043,B2014-044)

Improved Provably Secure Certificateless Signature Scheme

TANG Yong-li, WANG Fei-fei, YE Qing, YAN Xi-xi

College of Computer Sciences and Technology, Henan Polytechnic University, Henan Jiaozuo 454000, China

Received:2016-02-18 Online:2016-02-28 Published:2016-01-29

摘要/Abstract

摘要：

给出樊爱宛等无证书签名方案的一个伪造攻击,攻击显示第Ⅰ类强攻击者能成功伪造任意用户对任意消息的有效签名.分析发现原方案不安全的原因在于,签名阶段选取的随机数没有与消息M关联起来,通过将签名阶段选取的随机数与消息M相关的Hash函数值进行绑定的方式给出了改进方案,其中安全性最优的方案在签名阶段只需1个点乘,在验证阶段需要4个点乘,可抵抗第Ⅰ类超级攻击者、第Ⅱ类超级攻击者的攻击;其余方案在签名阶段只需1个点乘,在验证阶段需要3个点乘,可抵抗第Ⅰ类强攻击者、第Ⅱ类超级攻击者的攻击,针对现实世界的攻击者是安全的.改进方案在椭圆曲线离散对数困难性假设下是可证明安全的.

关键词: 无证书签名, 椭圆曲线离散对数难题, 可证明安全, 随机预言模型

Abstract:

A forgery attack on Fan Aiwan et al's certificateless signature scheme was presented. It is found that the strong type I adversary could forge any user's valid signature on any message. The reason of this problem is that the random number selected in the signature generation phase is not associated with the message M. To improve the original scheme's security, the improved schemes in which the random number selected in the signature generation phase is bound to the hash function value of message M was proposed. The scheme proposed can resist both super type Ⅰ and type Ⅱ adversary, and it only needs one scalar multiplication in signature generation phase and four scalar multiplications in signature verification phase; the other schemes proposed can resist strong type Ⅰ and super type Ⅱ adversary and are secure against the attacker in the real world. In addition, they only need one scalar multiplication in signature generation phase, and three scalar multiplications in signature verification phase. The improved schemes are provably secure under the intractability of elliptic curve discrete logarithm problem.

Key words: certificateless signature, elliptic curve discrete logarithm problem, provable security, random oracle model

中图分类号:

TN918.4

汤永利, 王菲菲, 叶青, 闫玺玺. 改进的可证明安全无证书签名方案[J]. 北京邮电大学学报, 2016, 39(1): 112-116.

TANG Yong-li, WANG Fei-fei, YE Qing, YAN Xi-xi. Improved Provably Secure Certificateless Signature Scheme[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2016, 39(1): 112-116.

参考文献

[1] Al-Riyami S S, Paterson K G. Certificateless public key cryptography[C]//Laih C S. Proc. of the ASIACRYPT 2003. LNCS 2894, Berlin:Springer-Verlag, 2003:452-473.
[2] Huang Xinyi, Mu Yi, Susilo W, et al. Certificateless signature revisited[C]//Pieprzyk J, Ghodosi H, Dawson E. Proc. of the ACISP 2007. LNCS 4586, Heidelberg:Springer-Verlag, 2007:308-322.
[3] Al-Riyami S S, Paterson K G. Certificateless public key cryptography[C]//Proc of Asiacrypt 2003. Berlin:Springer-Verlag, 2003:452-473.
[4] 曹雪菲, Kenneth G Paterson, 寇卫东. 对一类无证书签名方案的攻击与改进[J]. 北京邮电大学学报, 2008, 31(2):64-67. Cao Xuefei, Kenneth G Paterson, Kou Weidong. An attack on a certificateless signature scheme and its improvement[J]. Journal of Beijing University of Posts and Telecommunications, 2008, 31(2):64-67.
[5] Gong Peng, Li Ping. Further improvement of a certificateless signature scheme without pairing[J]. International Journal of Communication Systems, 2012, 27(10):2083-2091.
[6] Yeh K H, Tsai K Y, Kuo R Z, et al. Robust certificateless signature scheme without bilinear pairings[C]//IT Convergence and Security (ICITCS), 2013 International Conference on.[s.l.]:IEEE, 2013:1-4.
[7] 王圣宝, 刘文浩, 谢琪. 无双线性配对的无证书签名方案[J]. 通信学报, 2012, 33(4):93-98. Wang Shengbao, Liu Wenhao, Xie Qi. Certificateless signature scheme without bilinear pairings[J]. Journal on Communications, 2012, 33(4):93-98.
[8] 王亚飞, 张睿哲. 强安全无对的无证书签名方案[J]. 通信学报, 2013, 34(2):94-100. Wang Yafei, Zhang Ruizhe. Strongly secure certificateless signature scheme without pairings[J]. Journal on Communications, 2013, 34(2):94-100.
[9] 樊爱宛, 杨照峰, 谢丽明. 强安全无证书签名方案的安全性分析与改进[J]. 通信学报, 2014, 33(1):18-21. Fan Aiwan, Yang Zhaofeng, Xie Liming. Security analysis and improvement of strongly secure certificateless signature scheme[J]. Journal on Communications, 2014, 33(1):18-21.
[10] Kim K S, Jeong I R. A new certificateless signature scheme under enhanced security models[J]. Security and Communication Networks, 2014, 8(5):801-410.
[11] Pointcheval D, Stern J. Security proofs for signature schemes[J]. Lecture Notes in Computer Science, 1996, 1070:387-398.

改进的可证明安全无证书签名方案

Improved Provably Secure Certificateless Signature Scheme

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 6

编辑推荐

Metrics

本文评价

[1]	宋成, 顾心安, 王磊, 刘志中, 闫玺玺. 基于身份的车载网批量匿名认证方案研究[J]. 北京邮电大学学报, 2019, 42(5): 69-74.
[2]	姚苏, 关建峰, 潘华, 张宏科. 身份与位置分离网络中的可证明三元认证接入协议[J]. 北京邮电大学学报, 2017, 40(s1): 58-62.
[3]	来齐齐, 胡予濮, 陈原, 王保仓, 江明明. 辅助输入安全的损耗陷门函数的构造[J]. 北京邮电大学学报, 2014, 37(6): 6-10.
[4]	吴青，张乐友. 标准模型下基于身份的强不可伪造签名方案[J]. 北京邮电大学学报, 2011, 34(3): 71-74.
[5]	曹雪菲，Kenneth.G.Paterson，寇卫东. 对一类无证书签名方案的攻击及改进[J]. 北京邮电大学学报, 2008, 31(2): 64-67.
[6]	温凤桐，吴文玲，温巧燕. 一个伪装的电码本模式及其安全性分析[J]. 北京邮电大学学报, 2005, 28(6): 89-92.