一种支持并行密钥隔离的无证书聚合签名方案-《计算机技术与发展》

文章信息/Info

Title:: A Certificateless Aggregate Signature Scheme Supporting Parallel Key-isolated

文章编号:: 1673-629X(2022)11-0106-09

作者:: 杨忆欧¹; 2 ; 彭长根¹; 2; 3 ; 丁红发⁴; 许德权¹; 2; 1. 贵州大学计算机科学与技术学院,贵州贵阳 550025;
2. 贵州大学公共大数据国家重点实验室,贵州贵阳 550025;
3. 贵州大学密码学与数据安全研究所,贵州贵阳 550025;
4. 贵州财经大学信息学院,贵州贵阳 550025

Author(s):: YANG Yi-ou1; 2 ; PENG Chang-gen1; 2; 3 ; DING Hong-fa4 ; XU De-quan1; 2; 1. School of Computer Science and Technology,Guizhou University,Guiyang 550025,China;
2. State Laboratory of Public Big Data,Guizhou University,Guiyang 550025,China;
3. Institute of Cryptography and Data Security,Guizhou University,Guiyang 550025,China;
4.School of Information,Guizhou University of Finance and Economics,Guiyang 550025,China

关键词:: 聚合签名; 并行密钥隔离; 无证书密码体制; 随机预言模型; 可证安全

Keywords:: aggregate signature; parallel key-isolated; certificateless cryptography; random oracle model; provably security

分类号:: TP309

DOI:: 10. 3969 / j. issn. 1673-629X. 2022. 11. 016

摘要:: 聚合签名已成为数据安全认证领域重要的密码原语,其证书及密钥管理开销可通过引入无证书密码体制加以缩减。然而,密钥泄漏仍是聚合签名体制所面临的主要安全挑战,对于面向多用户的聚合签名,敌手可通过某个用户泄露的密钥破坏有此用户参与生成的聚合签名。鉴于此问题,提出一种支持并行密钥隔离的无证书聚合签名方案。首先,采用并行密钥隔离机制分时间片段更新密钥的思想,从而定时更新签名参与用户的密钥,在确保密钥前向安全及后向安全的前提下可支持较频繁的临时签名密钥更新操作;其次,利用无证书椭圆曲线密码技术实现方案构造,在降低了密码运算复杂度的同时,聚合签名长度也维持在常数量级;最后,基于随机预言模型给出该方案的形式化安全模型,证明其可以达到抵御适应性选择消息存在性伪造的安全目标。性能分析表明,该方案相较于其他方案在运算开销及签名传输通信成本方面占优。

Abstract:: Aggregate signature has become an important cryptographic primitive in the field of data security authentication, and itscertificate and key management overhead can be reduced by introducing a certificateless cryptosystem. However,key leakage is still themain security challenge faced by the aggregated signature system. For multi - user - oriented aggregated signatures, an adversary candestroy the aggregated signature generated by a user through the key leaked by this user. In view of this problem, a certificatelessaggregated signature? ? scheme that supports parallel key isolation is proposed. Firstly,the parallel key-isolated mechanism is used to updatethe key in time segments,so as to regularly update the keys of the? ? ?users participating in the signature,which can support more frequenttemporary signature key updates under the premise of ensuring the forward security and backward security of the keys. Secondly,thescheme construction is realized by using certificateless elliptic curve cryptography, which reduces the complexity of cryptographicoperations while maintaining the length of the aggregate signature at a constant level. Finally,a formalized security model of the schemeis given based on the random oracle model,which proves that it can achieve the security goal of resisting adaptive selection messageexistence forgery. The performance analysis shows that the scheme is superior in computing overhead and communication cost ofsignature compared with other schemes.

相似文献/References:

[1]韦性佳,芦殿军*.基于中国剩余定理的前向安全的聚合签名方案[J].计算机技术与发展,2021,31(04):137.[doi:10. 3969 / j. issn. 1673-629X. 2021. 04. 023]
　WEI Xing-jia,LU Dian-jun*.Forward Secure Aggregated Signature Scheme Based onChinese Remainder Theorem[J].,2021,31(11):137.[doi:10. 3969 / j. issn. 1673-629X. 2021. 04. 023]
[2]丁晓晖,曹素珍,窦凤鸽,等.基于无证书聚合签名的导航信息更新方案[J].计算机技术与发展,2022,32(06):112.[doi:10. 3969 / j. issn. 1673-629X. 2022. 06. 019]
　DING Xiao-hui,CAO Su-zhen,DOU Feng-ge,et al.Navigation Information Updating Scheme Based on Certificateless Aggregate Signature in Vehicle Networking[J].,2022,32(11):112.[doi:10. 3969 / j. issn. 1673-629X. 2022. 06. 019]
[3]陈鹏,秦伟杰,余肖生.SRaft:基于 Schnorrkel 签名和信用值机制的 Raft 共识算法[J].计算机技术与发展,2023,33(07):111.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 017]
　CHEN Peng,QIN Wei-jie,YU Xiao-sheng.SRaft:Raft Consensus Algorithm Based on Schnorrkel Signature and Credit Value Mechanism[J].,2023,33(11):111.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 017]

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

文章信息/Info

相似文献/References:

常用功能

导航/Navigate

工具/Tools

统计/Statistics