Abstract
Certificateless cryptosystems solve both the complex public key certificate management problem of traditional public key cryptosystems and the key escrow problem of identity-based cryptosystems. This paper therefore proposes a certificateless signature scheme based on elliptic curves that uses no bilinear pairings. In the random oracle model and under the elliptic curve discrete logarithm hardness assumption, the Forking Lemma is used to prove that the scheme resists attacks by strong Type I adversaries and by Type II adversaries. The scheme is then compared theoretically, in terms of performance, with four other elliptic-curve-based certificateless signature schemes proposed since 2016, and all of the signature schemes are implemented in C to compare their efficiency. The experimental results show that the average total time of the proposed scheme is close to that of the Jia scheme and, compared with the Hassouna, Zhang and Karati schemes, is reduced by about 51.0%, 10.4% and 22.1% respectively, which indicates that the proposed scheme has a certain advantage in overall efficiency. Finally, the proposed signature scheme is applied to message authentication for Modbus TCP (Transmission Control Protocol) communication in distribution networks, and a security analysis of the proposed authentication protocol shows that it resists replay attacks, impersonation attacks and man-in-the-middle attacks.
Authors
LIU Shuai (刘帅); CHEN Jian-hua (陈建华) (School of Mathematics and Statistics, Wuhan University, Wuhan 430072, China)
Source
Computer Science (《计算机科学》)
CSCD
Peking University Core Journals (北大核心)
2020, Issue 9, pp. 304-310 (7 pages)
Keywords
Certificateless signature
No bilinear pairings
Elliptic curve discrete logarithm problem
The Forking Lemma
Distribution network
Modbus message