计算机科学与探索 ›› 2022, Vol. 16 ›› Issue (11): 2519-2530.DOI: 10.3778/j.issn.1673-9418.2104074

• 网络与信息安全 • 上一篇    下一篇

可公开验证无对运算的无证书聚合签密方案

陈虹1, 周沫1,+(), 侯宇婷1, 赵菊芳1, 肖成龙2, 郭鹏飞1   

  1. 1.辽宁工程技术大学 软件学院,辽宁 葫芦岛 125105
    2.汕头大学 计算机系,广东 汕头 515063
  • 收稿日期:2021-04-14 修回日期:2021-06-09 出版日期:2022-11-01 发布日期:2021-06-16
  • 通讯作者: + E-mail: zhou0123elf@163.com
  • 作者简介:陈虹(1967—),女,辽宁阜新人,硕士,副教授,CCF会员,主要研究方向为信息安全、网络安全。
    周沫(1998—),女,辽宁兴城人,硕士研究生,主要研究方向为网络安全、密码学。
    侯宇婷(1997—),女,辽宁沈阳人,硕士研究生,主要研究方向为网络安全、密码学。
    赵菊芳(1996—),女,甘肃兰州人,硕士研究生,主要研究方向为隐私保护。
    肖成龙(1984—),男,湖南株洲人,博士,教授,CCF会员,主要研究方向为软硬件协同设计、高层次综合、可扩展处理器。
    郭鹏飞(1981—),男,辽宁建平人,博士,副教授,CCF会员,主要研究方向为图像处理、算法优化。
  • 基金资助:
    国家自然科学基金(61404069);辽宁省教育厅科学技术研究项目(LJ2017QL032)

Certificateless Aggregate Signcryption Scheme with Publicly Verifiable Pairless Operation

CHEN Hong1, ZHOU Mo1,+(), HOU Yuting1, ZHAO Jufang1, XIAO Chenglong2, GUO Pengfei1   

  1. 1. College of Software, Liaoning Technical University, Huludao, Liaoning 125105, China
    2. Department of Computer, Shantou University, Shantou, Guangdong 515063, China
  • Received:2021-04-14 Revised:2021-06-09 Online:2022-11-01 Published:2021-06-16
  • About author:CHEN Hong, born in 1967, M.S., associate professor, member of CCF. Her research interests include information security and network security.
    ZHOU Mo, born in 1998, M.S. candidate. Her research interests include network security and cryptography.
    HOU Yuting, born in 1997, M.S. candidate. Her research interests include network security and cryptography.
    ZHAO Jufang, born in 1996, M.S. candidate. Her research interest is privacy protection.
    XIAO Chenglong, born in 1984, Ph.D., professor, member of CCF. His research interests include hardware and software collaborative design, high-level synthesis and extensible processor.
    GUO Pengfei, born in 1981, Ph.D., associate professor, member of CCF. His research interests include image processing and algorithm optimization.
  • Supported by:
    National Natural Science Foundation of China(61404069);Science and Technology Research Project of Liaoning Provincial Department of Education(LJ2017QL032)

摘要:

聚合签密能够将来自不同签密者对不同消息产生的签密密文合并为单个密文,大大减少了密文的总长度和验证成本,更适用于低带宽、低存储的通信环境。针对聚合签密在基于身份密码体制下安全性较差、含有双线性对运算效率不理想的问题,在一个安全且高效的签名方案基础上,设计了一个新的可公开验证无对运算的无证书聚合签密方案。使用哈希函数将签密者的身份信息与部分公钥进行绑定,从而生成用户的部分私钥,以防止公钥替换攻击。在解签密阶段,将签密者的身份信息作为输出,不但能验证签密者身份的合法性,而且能有效隐藏签密者身份信息。在随机预言模型下,将方案的机密性和不可伪造性规约到多项式时间内求解计算性Diffie-Hellman问题和离散对数问题,证明了方案的安全性;在验证阶段,无需任何用户私有信息,任意可信第三方均可验证,具有公开验证性。此外,对方案的效率进行了比较,该方案在聚合解签密阶段只需要 3 n次点乘运算,计算效率较高。

关键词: 无证书聚合签密, 离散对数, 机密性, 不可伪造性, 可公开验证, 随机预言模型

Abstract:

Aggregate signcryption can combine ciphertext generated by different signcryption on different messages into a single ciphertext, which greatly reduces the total length of ciphertext and verification cost, and is more sui-table for low bandwidth and low storage communication environment. To solve the problems of poor security and inefficiency of aggregate signcryption with bilinear pairings in identity based cryptosystem, a new certificateless aggregate signcryption scheme which is based on a secure and efficient signature scheme and can be publicly verified without pair operation is designed. Hash function is used to bind the signcrypter’s identity information with part of the public key to generate part of the user’s private key to prevent public key replacement attacks. In the de-signcryption stage, the signcrypter’s identity information is taken as the output, which can verify the legitimacy of signcrypter’s identity and effectively hide it. In the random oracle model, the confidentiality and unforgeability of the scheme are reduced to the solving of computational Diffie-Hellman problem and discrete logarithm problem in polynomial time, which proves the security of the scheme. In the verification phase, any trusted third party can verify without any user’s private information, which proves the scheme has public verification. Furthermore, the efficiency of the scheme is compared. The proposed scheme only needs 3 n point multiplication operations in the aggregation de-signcryption stage, so it is more efficient.

Key words: certificateless aggregate signcryption, discrete logarithm, confidentiality, unforgeability, publicly veri-fiable, random prediction model

中图分类号: