Journal of Computer Applications ›› 2012, Vol. 32 ›› Issue (03): 699-704. DOI: 10.3724/SP.J.1087.2012.00699

• Information Security •

Hidden identity-based signature scheme with distributed open authorities

LIU Xin1,2

  1. School of Information Engineering, Shandong Youth University of Political Science, Jinan Shandong 250014, China;
  2. School of Computer Science and Technology, Shandong University, Jinan Shandong 250101, China
  • Received: 2011-08-23 Revised: 2011-11-09 Online: 2012-03-01 Published: 2012-03-01
  • Contact: Xin LIU
  • About the author: LIU Xin (1978-), male, born in Guangrao, Shandong; lecturer, Ph.D. candidate, CCF member; main research interests: information security, cryptography.
  • Funding:

    Science and Technology Program of Higher Education Institutions of Shandong Province (J11LG29).

Abstract: Hidden identity-based signature schemes built from bilinear maps do not achieve exculpability or Chosen-Ciphertext Attack (CCA) anonymity, while schemes of this type built on RSA groups incur significant communication and computation overhead. To address this, an improved scheme that allows a distributed open authority was put forward; it achieves exculpability by using the block-message signature technique. The scheme distributes the power of the open authority efficiently by applying distributed key extraction and simultaneously executable proofs of knowledge to the underlying threshold encryption scheme. Furthermore, because traditional serial registration cannot resist denial-of-service attacks, the registration protocol was strengthened into a concurrently secure protocol using the committed proof-of-knowledge technique. In the random oracle model, the improved scheme is provably secure with respect to all the required properties. Performance comparison shows that the resulting signature is shorter and the Sign and Verify algorithms are cheaper; moreover, the threshold decryption process carried out by the trusted servers is concurrently secure and provably secure against adaptive adversaries.

Key words: digital signature, group signature, identity-based signature, proof of knowledge, threshold encryption, adaptive security
