To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggre...To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure, efficiently general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correction of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle models IND-CCA2 and EUF-CMA under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle models but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before the signcryption generation.展开更多
基金supported by the National Grand Fundamental Research 973 Program of China under Grant No.2011CB302903 the National Natural Science Foundation of China under Grants No.61073188,No.61073115+1 种基金 the Key University Science Research Project of Jiangsu Province under Grant No.11KJA520002 the Priority Academic Program Development of Jiangsu Higher Education Institutions under Grant No.yx002001
文摘To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure, efficiently general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correction of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle models IND-CCA2 and EUF-CMA under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle models but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before the signcryption generation.
