Acta Scientiarum Naturalium Universitatis Sunyatseni ›› 2017, Vol. 56 ›› Issue (1): 77-84.

• Research Article •

Attack and improvement of a certificateless aggregate signature scheme

DU Hongzhen1, WEN Qiaoyan2

  1. School of Mathematics and Information Science, Baoji University of Arts and Sciences, Baoji 721013, China;
  2. State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received: 2016-05-06  Online: 2017-01-25  Published: 2017-01-25
  • Corresponding author: DU Hongzhen (born 1978), female; research interests: cryptography, digital signatures; E-mail: hongzhendu@163.com

Abstract:

Aggregate signatures have become a hot topic in digital signature research because of their wide application in the Internet of Things. Ming et al. (2014) proposed an efficient certificateless aggregate signature scheme, but Zhang et al. (2015) showed that Ming's scheme is not secure against a Type II adversary and proposed two improvements of it. This paper points out that Zhang et al.'s second improved scheme is also insecure: by constructing a concrete attack, it shows that the second scheme cannot resist a Type II adversary. Then, based on Ming's scheme, a new certificateless aggregate signature scheme is constructed. The new scheme is proven secure in the random oracle model, and the aggregate signatures it produces have constant length, which makes it well suited to Internet of Things environments.

Key words: certificateless public key cryptography, aggregate signature, unforgeability