可公开验证无对运算的无证书聚合签密方案

doi:10.3778/j.issn.1673-9418.2104074

计算机科学与探索 ›› 2022, Vol. 16 ›› Issue (11): 2519-2530.DOI: 10.3778/j.issn.1673-9418.2104074

可公开验证无对运算的无证书聚合签密方案

陈虹¹, 周沫¹^,⁺(), 侯宇婷¹, 赵菊芳¹, 肖成龙², 郭鹏飞¹

1.辽宁工程技术大学软件学院，辽宁葫芦岛 125105
2.汕头大学计算机系，广东汕头 515063

收稿日期:2021-04-14 修回日期:2021-06-09 出版日期:2022-11-01 发布日期:2021-06-16
通讯作者: + E-mail: zhou0123elf@163.com
作者简介:陈虹（1967—），女，辽宁阜新人，硕士，副教授，CCF会员，主要研究方向为信息安全、网络安全。
周沫（1998—），女，辽宁兴城人，硕士研究生，主要研究方向为网络安全、密码学。
侯宇婷（1997—），女，辽宁沈阳人，硕士研究生，主要研究方向为网络安全、密码学。
赵菊芳（1996—），女，甘肃兰州人，硕士研究生，主要研究方向为隐私保护。
肖成龙（1984—），男，湖南株洲人，博士，教授，CCF会员，主要研究方向为软硬件协同设计、高层次综合、可扩展处理器。
郭鹏飞（1981—），男，辽宁建平人，博士，副教授，CCF会员，主要研究方向为图像处理、算法优化。
基金资助:
国家自然科学基金(61404069);辽宁省教育厅科学技术研究项目(LJ2017QL032)

Certificateless Aggregate Signcryption Scheme with Publicly Verifiable Pairless Operation

CHEN Hong¹, ZHOU Mo¹^,⁺(), HOU Yuting¹, ZHAO Jufang¹, XIAO Chenglong², GUO Pengfei¹

1. College of Software, Liaoning Technical University, Huludao, Liaoning 125105, China
2. Department of Computer, Shantou University, Shantou, Guangdong 515063, China

Received:2021-04-14 Revised:2021-06-09 Online:2022-11-01 Published:2021-06-16
About author:CHEN Hong, born in 1967, M.S., associate professor, member of CCF. Her research interests include information security and network security.
ZHOU Mo, born in 1998, M.S. candidate. Her research interests include network security and cryptography.
HOU Yuting, born in 1997, M.S. candidate. Her research interests include network security and cryptography.
ZHAO Jufang, born in 1996, M.S. candidate. Her research interest is privacy protection.
XIAO Chenglong, born in 1984, Ph.D., professor, member of CCF. His research interests include hardware and software collaborative design, high-level synthesis and extensible processor.
GUO Pengfei, born in 1981, Ph.D., associate professor, member of CCF. His research interests include image processing and algorithm optimization.
Supported by:
National Natural Science Foundation of China(61404069);Science and Technology Research Project of Liaoning Provincial Department of Education(LJ2017QL032)

摘要/Abstract

摘要：

聚合签密能够将来自不同签密者对不同消息产生的签密密文合并为单个密文，大大减少了密文的总长度和验证成本，更适用于低带宽、低存储的通信环境。针对聚合签密在基于身份密码体制下安全性较差、含有双线性对运算效率不理想的问题，在一个安全且高效的签名方案基础上，设计了一个新的可公开验证无对运算的无证书聚合签密方案。使用哈希函数将签密者的身份信息与部分公钥进行绑定，从而生成用户的部分私钥，以防止公钥替换攻击。在解签密阶段，将签密者的身份信息作为输出，不但能验证签密者身份的合法性，而且能有效隐藏签密者身份信息。在随机预言模型下，将方案的机密性和不可伪造性规约到多项式时间内求解计算性Diffie-Hellman问题和离散对数问题，证明了方案的安全性；在验证阶段，无需任何用户私有信息，任意可信第三方均可验证，具有公开验证性。此外，对方案的效率进行了比较，该方案在聚合解签密阶段只需要 $3 n$ 次点乘运算，计算效率较高。

关键词: 无证书聚合签密, 离散对数, 机密性, 不可伪造性, 可公开验证, 随机预言模型

Abstract:

Aggregate signcryption can combine ciphertext generated by different signcryption on different messages into a single ciphertext, which greatly reduces the total length of ciphertext and verification cost, and is more sui-table for low bandwidth and low storage communication environment. To solve the problems of poor security and inefficiency of aggregate signcryption with bilinear pairings in identity based cryptosystem, a new certificateless aggregate signcryption scheme which is based on a secure and efficient signature scheme and can be publicly verified without pair operation is designed. Hash function is used to bind the signcrypter’s identity information with part of the public key to generate part of the user’s private key to prevent public key replacement attacks. In the de-signcryption stage, the signcrypter’s identity information is taken as the output, which can verify the legitimacy of signcrypter’s identity and effectively hide it. In the random oracle model, the confidentiality and unforgeability of the scheme are reduced to the solving of computational Diffie-Hellman problem and discrete logarithm problem in polynomial time, which proves the security of the scheme. In the verification phase, any trusted third party can verify without any user’s private information, which proves the scheme has public verification. Furthermore, the efficiency of the scheme is compared. The proposed scheme only needs $3 n$ point multiplication operations in the aggregation de-signcryption stage, so it is more efficient.

Key words: certificateless aggregate signcryption, discrete logarithm, confidentiality, unforgeability, publicly veri-fiable, random prediction model

中图分类号:

TP309.7

陈虹, 周沫, 侯宇婷, 赵菊芳, 肖成龙, 郭鹏飞. 可公开验证无对运算的无证书聚合签密方案[J]. 计算机科学与探索, 2022, 16(11): 2519-2530.

CHEN Hong, ZHOU Mo, HOU Yuting, ZHAO Jufang, XIAO Chenglong, GUO Pengfei. Certificateless Aggregate Signcryption Scheme with Publicly Verifiable Pairless Operation[J]. Journal of Frontiers of Computer Science and Technology, 2022, 16(11): 2519-2530.

图/表 7

图1 适应性选择密文攻击的示意图（敌手 A 1）

Fig.1 Schematic diagram of adaptive chosen ciphertext attack (adversary A 1)

图2 适应性选择消息攻击的示意图（敌手 A 1）

Fig.2 Schematic diagram of adaptive selection message attack (adversary A 1)

图3 本文CLASC方案

Fig.3 CLASC scheme of this paper

表1 签密方案运算效率与安全性比较

Table 1 Comparison of efficiency and security of signcryption schemes

方案	签密运算量（1个消息）	解签密运算量（1个消息）	运算总量（1个消息）	签密运算量（n个消息）	解签密运算量（n个消息）	运算总量（n个消息）	安全性	公开验证性
文献[12]	3s	5s	8s	3ns	4ns	7ns	√	×
文献[18]	3s	4s	7s	(2n+1)s	4ns	(6n+1)s	√	√
文献[19]	4s	5s	9s	(3n+3)s	4ns	(7n+3)s	√	√
文献[20]	5s	6s	11s	(2n+1)s	(5n+1)s	(7n+2)s	√	√
文献[21]	e+p+2s	3p	e+4p+2s	ne+p+2ns	3p	ne+4p+2ns	√	×
文献[24]	e+4s	3p+s	e+3p+5s	ne+4ns	(n+2)p+ns	ne+(n+2)p+5ns	√	×
本文方案	3s	3s	6s	(2n+1)s	3ns	(5n+1)s	√	√

图4 签密效率

Fig.4 Signcryption efficiency

图5 解签密效率

Fig.5 Efficiency of de-signcryption

图6 VANET结构

Fig.6 VANET structure

参考文献 25

[1]	ZHENG Y L. Digital signcryption or how to achieve cost (sig-nature & encryption)≪ cost (signature)+ cost (encryption)[C]// LNCS 1294: Proceedings of the 17th Annual Interna-tional Cryptology Conference, Santa Barbara, Aug 17-21, 1997. Berlin, Heidelberg: Springer, 1997: 165-179.
[2]	BAEK J, STEINFELD R, ZHENG Y. Formal proofs for the security of signcryption[C]// LNCS 2274: Proceedings of the 5th International Workshop on Public Key Cryptography, Paris, Feb 12-14, 2002. Berlin, Heidelberg: Springer, 2002: 80-98.
[3]	MALONE-LEE J. Identity-based signcryption[J]. IACR Cryp-tology ePrint Archive, 2002.
[4]	CHEN L Q, MALONE-LEE J. Improved identity-based sign-cryption[C]// LNCS 3386: Proceedings of the 8th International Workshop on Theory and Practice in Public Key Crypto-graphy, Les Diablerets, Jan 23-26, 2005. Berlin, Heidel-berg: Springer, 2005: 362-379.
[5]	李建民, 俞惠芳, 赵晨. UC安全的自认证盲签密协议[J]. 计算机科学与探索, 2017, 11(6): 932-940. DOI
	LI J M, YU H F, ZHAO C. Self-certified blind signcryption protocol with UC security[J]. Journal of Frontiers of Computer Science and Technology, 2017, 11(6): 932-940. DOI
[6]	陈虹, 赵悦, 肖成龙, 等. 可证安全的无对运算的无证书签密方案[J]. 计算机应用研究, 2019, 36(3): 907-910.
	CHEN H, ZHAO Y, XIAO C L, et al. Certificateless sign-cryption scheme of verifiable security without pairing[J]. Application Research of Computers, 2019, 36(3): 907-910.
[7]	ALI I, LAWRENCE T, OMALA A A, et al. An efficient hybrid signcryption scheme with conditional privacy preser-vation for heterogeneous vehicular communicati on in vanets[J]. IEEE Transactionson Vehicular Technology, 2020, 69(10): 11266-11280.
[8]	ZIA M, ALI R. A multi recipient aggregate signcryption sch-eme based on elliptic curve[J]. Wireless Personal Commu-nications, 2020, 115(2): 1465-1480.
[9]	陈虹, 朱亚囡, 肖成龙, 等. 可公开验证无证书的多接收者匿名签密方案[J]. 计算机工程与应用, 2020, 56(19): 120-125. DOI
	CHEN H, ZHU Y N, XIAO C L, et al. Publicly verifiable certificateless multi-receiver anonymous signcryption[J]. Com-puter Engineering and Applications, 2020, 56(19): 120-125.
[10]	GUO H, DENG L. Certificateless ring signcryption scheme from pairings[J]. International Journal of Network Security, 2020, 22(1): 102-111.
[11]	SELVI S S D, VIVEK S S, SHRIRAM J, et al. Identity based aggregate signcryption schemes[C]// LNCS 5922: Proceedings of the 10th International Conference on Cryptology, New Delhi, Dec 13-16, 2009. Berlin, Heidelberg: Springer, 2009: 378-397.
[12]	ABOUELKHEIR E, EL-SHERBINY S. Pairing free identity based aggregate signcryption scheme[J]. IET Information Security, 2020, 14(6): 625-632. DOI URL
[13]	AL-RIYAMI S S, PATERSON K G. Certificateless public key cryptography[C]// LNCS 2894: Proceedings of the 9th Inter-national Conference on the Theory and Application of Cry-ptology and Information Security, Taipei, China, Nov 30-Dec 4, 2003. Berlin, Heidelberg: Springer, 2003: 452-473.
[14]	LU H, XIE Q. An efficient certificateless aggregate signcry-ption scheme from pairings[C]// Proceedings of the 2011 Inter-national Conference on Electronics, Communications and Con-trol, Ningbo, Sep 9-11, 2011. Piscataway: IEEE, 2011: 132-135.
[15]	ESLAMI Z, PAKNIAT N. Certificateless aggregate signcryp-tion: security model and a concrete construction secure in the random oracle model[J]. Journal of King Saud University-Computer and Information Sciences, 2014, 26(3): 276-286. DOI URL
[16]	张玉磊, 王欢, 李臣意, 等. 可证安全的紧致无证书聚合签密方案[J]. 电子与信息学报, 2015, 37(12): 2838-2844.
	ZHANG Y L, WANG H, LI C Y, et al. Provable secure and compact certificateless aggregate signcryption scheme[J]. Journal of Electronics & Information Technology, 2015, 37(12): 2838-2844.
[17]	刘建华, 毛可飞, 胡俊伟. 基于双线性对的无证书聚合签密方案[J]. 计算机应用, 2016, 36(6): 1558-1562. DOI
	LIU J H, MAO K F, HU J W. Certificateless aggregate sign-cryption scheme based on bilinear pairings[J]. Journal of Com-puter Applications, 2016, 36(6): 1558-1562.
[18]	苏靖枫, 柳菊霞. 不含双线性对的高效无证书聚合签密方案[J]. 计算机应用, 2018, 38(2): 374-378. DOI
	SU J F, LIU J X. Efficient certificateless aggregate signcryp-tion scheme without bilinear pairings[J]. Journal of Computer Applications, 2018, 38(2): 374-378.
[19]	李晨, 祁正华. 高效安全的无证书聚合签密方案[J]. 计算机技术与发展, 2020, 30(10): 117-122.
	LI C, QI Z H. An efficient and safe certificateless signcr-yption scheme[J]. Computer Technology and Development, 2020, 30(10): 117-122.
[20]	胡荣磊, 李文敬, 蒋华, 等. 适用于物联网通信的无证书聚合签密算法[J]. 计算机应用研究, 2020, 37(1): 208-211.
	HU R L, LI W J, JIANG H, et al. Certificateless aggregate signcryption scheme for IoT communication[J]. Application Research of Computers, 2020, 37(1): 208-211.
[21]	牛淑芬, 李振彬, 王彩芬. 适用于车载网的匿名异构聚合签密方案[J]. 计算机工程与科学, 2019, 41(1): 80-87.
	NIU S F, LI Z B, WANG C F. An anonymous heteroge-neous aggregate signcryption scheme for vehicular networks[J]. Computer Engineering & Science, 2019, 41(1): 80-87.
[22]	刘祥震, 张玉磊, 郎晓丽, 等. 可证安全的隐私保护多接收者异构聚合签密方案[J]. 计算机工程与科学, 2020, 42(3): 441-448.
	LIU X Z, ZHANG Y L, LANG X L, et al. A provably secure privacy-preserving multi-recipient heterogeneous aggregate signcryption scheme[J]. Computer Engineering & Science, 2020, 42(3): 441-448.
[23]	QU Y, MU Q. An efficient certificateless aggregate signature without pairing[J]. International Journal of Electronic Security and Digital Forensics, 2018, 10(2): 188-203. DOI URL
[24]	牛淑芬, 牛灵, 王彩芬, 等. 一种可证安全的异构聚合签密方案[J]. 电子与信息学报, 2017, 39(5): 1213-1218.
	NIU S F, NIU L, WANG C F, et al. A provable aggregate signcryption for heterogeneous systems[J]. Journal of Elec-tronics & Information Technology, 2017, 39(5): 1213-1218.
[25]	CAO X, KOU W, DU X. A pairing-free identity-based authent-icated key agreement protocol with minimal message excha-nges[J]. Information Sciences, 2010, 180(15): 2895-2903. DOI URL

可公开验证无对运算的无证书聚合签密方案

Certificateless Aggregate Signcryption Scheme with Publicly Verifiable Pairless Operation

RichHTML

PDF

可视化

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献 25

相关文章 4

编辑推荐

Metrics

[1]	谢佳, 胡予濮, 高军涛, 王保仓, 江明明. 格上前向安全的有序聚合签名[J]. 计算机科学与探索, 2021, 15(9): 1658-1666.
[2]	谢佳, 胡予濮, 高军涛, 王保仓, 江明明. 标准模型下前向安全的格基有序聚合签名[J]. 计算机科学与探索, 2021, 15(10): 1912-1920.
[3]	赵宗渠，范涛，彭婷婷，叶青，秦攀科. 标准模型下格上的密钥封装机制[J]. 计算机科学与探索, 2019, 13(4): 629-638.
[4]	汤永利，王菲菲，叶青，闫玺玺. 高效可证明安全的无证书代理签名方案[J]. 计算机科学与探索, 2016, 10(9): 1282-1289.