基于身份标识的特殊数字签名方案及其应用

传统的基于身份标识的密码体制存在着密钥托管问题,当私钥生成器出现安全问题时,易造成整个密码系统瘫痪,因此解决密钥托管问题一直是密码学研究的一个热点。对此,文中提出了一种基于身份标识的特殊数字签名方案,该方案无需可信的第三方介入。首先,在随机预言机模型以及计算性Diffie-Hellman(Computational Diffie-Hellman,CDH)困难问题的假设下,证明了方案的安全性;然后,与几种基于身份的数字签名进行理论上的性能比较和分析;最后,基于PBC(Pairing-Based Cryptography)库,采用C语言实现了签名方案,并对几种签名方案的实际运行效率进行了分析。实验结果表明,文中提出的方案平均总耗时约为0.148 s,相比Subhas和Neetu方案的平均总耗时分别减少了约11.9%和13.5%,与Shamir和Boneh方案的耗时接近。因此,所提方案的计算复杂度较低,效率较高,适用于危险品运输监测等数据保护要求较高的应用场景。     

一种抗不诚实第三方攻击的一次性公钥方案

针对现有典型一次性公钥方案无法抵抗不诚实第三方恶意攻击的问题,提出一种可对第三方行为进行双重约束的一次性公钥改进方案。基于该方案,用户和服务提供方可通过第三方发布的身份索引及私钥生成过程中的公开可验证消息对其诚实性进行判断,从而约束第三方的不诚实行为。同时,采用的索引生成算法在一定程度上提高了对恶意用户的追踪效率。     

Intrusion-resilient identity-based signature: Security definition and construction

Traditional identity-based signatures depend on the assumption that secret keys are absolutely secure. Once a secret key is exposed, all signatures associated with this secret key have to be reissued. Therefore, limiting the impact of key exposure in identity-based signature is an important task. In this paper, we propose to integrate the intrusion-resilient security into identity-based signatures to deal with their key exposure problem. Compared with forward-secure identity-based signatures and key-insulated identity-based signatures, our proposal can achieve higher security. The proposed scheme satisfies that signatures in any other time periods are secure even after arbitrarily many compromises of base and signer, as long as the compromises do not happen simultaneously. Furthermore, the intruder cannot generate signatures pertaining to previous time periods, even if she compromises base and signer simultaneously to get all their secret information. The scheme enjoys nice average performance. There are no cost parameters including key setup time, key extract time, base (signer) key update time, base (signer) key refresh time, signing time, verifying time, and signature size, public parameter size, base (signer) storage size having complexity more than O(log T) in terms of the total number of time periods T in this scheme. We also give the security definition of intrusion-resilient identity-based signature scheme and prove that our scheme is secure based on this security definition in the random oracle model assuming CDH problem is hard.     

无双线性对的轻量级IBS方案

基于身份的签名(IBS)方案大多需要复杂的双线性对运算,因此签名算法效率很低,不适用于无线自组织网络的密钥管理、安全路由等通信安全协议。针对该问题,提出一个无需双线性对的IBS方案。在随机预言模型下证明该方案满足不可伪造性,可抵抗选择消息攻击。理论分析表明,与同类方案相比,该方案的计算量和传输代价更小,效率更高。     

基于身份的强指定验证者签名方案

针对近期提出的基于身份强指定验证者签名方案的安全漏洞,通过采用在随机Oracle模式安全的知识的零知识证明方法,构建一个安全的基于身份的强指定验证者签名方案.同时与以往体制相比,实现效率有明显提高.     

Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions

We identify and fill some gaps with regard to consistency (the extent to which false positives are produced) for public-key encryption with keyword search (PEKS). We define computational and statistical relaxations of the existing notion of perfect consistency, show that the scheme of Boneh et al. (Advances in Cryptology—EUROCRYPT 2004, ed. by C. Cachin, J. Camenisch, pp. 506–522, 2004) is computationally consistent, and provide a new scheme that is statistically consistent. We also provide a transform of an anonymous identity-based encryption (IBE) scheme to a secure PEKS scheme that, unlike the previous one, guarantees consistency. Finally, we suggest three extensions of the basic notions considered here, namely anonymous hierarchical identity-based encryption, public-key encryption with temporary keyword search, and identity-based encryption with keyword search. An extended abstract of this paper appears in Advances in Cryptology—CRYPTO 2005, ed. by V. Shoup, Santa Barbara, California, August 14–18, 2005, Lecture Notes in Computer Science, vol. 3621 (Springer, Berlin, 2005), pp. 205–222. This is the full version.     

Improved ID-based security framework for ad hoc network

As mobile devices with wireless communication capacity become more and more popular, the study on ad hoc networks that offer convenient infrastructure-free communication has arose the attention from both the academic and the industry. However, the previous security schemes proposed for ad hoc networks either suffer from the structure support problems or have security flaws. This paper examines the weaknesses of a Bohio–Miri’s recent work, and then proposes our new schemes to enhance the security and the performance. The security of the proposed protocols is proved in the random oracle model.     

基于虹膜信息的身份签名方案

生物特征的应用集中在两个方面,一是传统的身份认证和识别技术,二是密钥的产生技术。该文研究了从虹膜信息中提取特征码,采用模糊方法从虹膜特征码中提取随机串并将其嵌入到椭圆曲线中等问题。以虹膜信息为基础产生公钥,提出了一种基于虹膜信息的身份签名方案。该方案引进两个密钥生成系统,可有效防止单个密钥生成系统随意伪造签名的缺陷,进一步提高系统的安全性和可靠性。在随机预言机模型下,该方案被证明在适应性选择消息和身份攻击下具有不可伪造安全,并能有效抵抗生日攻击。     

对一种基于身份的已知签名人的门限代理签名方案的分析

在TAMC'06上,Bao等人以双线性对为工具,首次提出了一种基于身份的已知签名人的门限代理签名方案(以下标记为BCW方案),并得出了满足强不可伪造性以及原始签名人发送签名了的授权证书时并不需要安全信道等安全性结论。本文对BCW方案进行了安全性分析,成功地给出了一种攻击,攻击者通过公开渠道获得一个合法的原始签名人发送给代理签名人的签名了的授权证书以及代理签名人已经生成的一个有效的代理签名后,能够伪造出一个新的对相同消息的代理签名,而原始签名人变为攻击者自己。由于验证者并不能验证代理签名人到底是代表谁生成了代理签名, 这样,攻击者就获得了与合法原始签名人相同的权益。为了避免这种攻击,本文提出了改进的措施,分析表明,改进措施能有效地弥补了该方案的安全缺陷。     

无线自组网络上基于身份的密钥生成协议

着重研究了无线自组网络上基于身份的密码体制的密钥生成问题,设计了一个分布式的密钥生成协议。该协议不需要预先分发任何秘密信息,不需要假设用户间存在安全信道和可信第三方,在设定系统参数后,自组网络的各站点运行该协议,就可以安全有效地生成与自己身份相对应的用户私钥,从而有效地使用基于身份的密码体制实现自组网络内部的端到端认证和保密通信。