Abstract
We studied several recently proposed certificateless signcryption schemes without pairing operations and found that they have correctness or security flaws. We therefore propose a new certificateless signcryption scheme without pairing. The new scheme changes the linear key structure of existing schemes and resists the public key replacement attack launched by a Type I adversary. It uses two hash functions to bind the identities of the signcryption sender and receiver to the message being signcrypted, which prevents insider attacks. In the random oracle model, the unforgeability and confidentiality of the scheme are reduced to a polynomial-time adversary solving the discrete logarithm (DL) problem and the decisional Diffie-Hellman (DDH) problem, so the scheme is provably secure. Compared with existing schemes, the new scheme not only ensures security but also has lower computational overhead and implementation cost. It is suitable for protecting data confidentiality, integrity and authentication in scenarios where computing, storage and communication resources are constrained, such as wireless sensor networks.
Source
Computer Applications and Software (《计算机应用与软件》)
CSCD
2016, Issue 3, pp. 327-333 (7 pages)
Keywords
Certificateless cryptography
Signcryption
Bilinear pairing
Random oracle model