摘要
基于证书密码体制是传统公钥密码体制的最新演进。但目前大多数基于证书签名方案均采用双线性对构造,计算效率较低。为此,基于离散对数难题,提出一种基于证书的不含对运算的前向安全签名方案。方案以有限域上模幂运算为主构造,避免了复杂的对运算;采用多项式函数并引入随机数的方法实现密钥更新,保证了方案的前向安全性。验证签名时用证书-公钥双向验证方程保障证书及公钥的有效性。方案在随机预言机模型下被证明可以抵抗用户伪造攻击和CA伪造攻击,抵抗公钥替换攻击。效率分析表明,方案相比于其他类似方案,计算效率更高。
The certificate-based cryptosystem(CBC) is the latest evolution of traditional public key cryptosys- terns, however most of the existing certificate-based signature schemes have been constructed by pairings, which leads to low calculation efficiency. In view of the difficult discrete logarithm problem, the certificate- based forward secure signature scheme without pairings was presented. The scheme had higher efficiency, as it was mainly based on modular exponentiation arithmetic in the finite range instead of pairings. Private keys were updated by introduction of the polynomial function and random number. The validity of the public key and certificate were verified before verifying the signature by the mutual authentication function of public key certificate. With the random oracle model, it was proved that the scheme was existentially unforgeable against user forgery attacks, CA forgery attacks and public key replacing attacks. Efficiency analysis shows that the scheme is of the advantage of high computation efficiency comparing with other similar schemes.
出处
《铁道学报》
EI
CAS
CSCD
北大核心
2013年第11期45-50,共6页
Journal of the China Railway Society
基金
国家自然科学基金(61003245
61240025)
四川省科技计划项目(2011JQ0027)
中央高校基本科研业务费(SWJTU11CX041
SWJTU12CX099)
关键词
基于证书签名
前向安全签名
随机预言模型
离散对数难题
certificate-based signature
forward secure signature
random oracle model
discrete logarithmproblem