证书less代理签名:权限委托与安全应用
64 浏览量
更新于2024-08-27
收藏 257KB PDF 举报
"Delegation of signing rights using certificateless proxy signatures"
文章标题所提到的"Delegation of signing rights using certificateless proxy signatures"是指一种基于无证书的代理签名技术,用于在特定情境下授权代理签署者代表原始签署者进行签名。代理签名方案在分布式系统、网格计算、移动代理应用、分布式共享对象系统、全球分布网络以及移动通信等领域有着广泛的实际应用。无证书公钥密码学是近年来的研究热点,其优点在于无需证书管理和密钥托管,与传统的基于证书的公钥密码体制相比,它提供了一种更为安全和便捷的身份验证和签名机制。
描述中提到了几个关键概念:
1. **电子投票**:电子投票系统需要确保投票的匿名性和完整性,代理签名可以用于实现投票者的身份验证,同时保护他们的隐私。
2. **无收据的公平性**:这是一种保证投票或其他交易过程公正性的属性,确保参与者不能伪造或篡改交易记录。
3. **盲签名**:盲签名允许签名者在不知道签名消息具体内容的情况下进行签名,这在保护用户隐私和数据机密性方面非常有用,例如在电子货币或匿名通信中。
4. **双陷阱门承诺**:这是一种安全协议,允许一方(发件人)向另一方(接收人)承诺一个值,而不会立即揭示它,直到满足某些条件。这种技术常用于防止重放攻击和确保信息的不可抵赖性。
文章的部分内容提到了几位作者及其研究机构,表明这是一篇经过同行评审的学术文章,可能详细探讨了无证书代理签名的构建、安全性分析、效率评估,以及可能的应用场景。文章的发表时间表明,这是2011年的研究成果,可能包含了当时对无证书代理签名领域的最新理解和进展。
这篇文章的核心知识点是无证书代理签名技术,它在各种信息安全和分布式系统中扮演着重要角色,同时涉及了电子投票系统的安全特性、盲签名和双陷阱门承诺等密码学概念。无证书公钥密码学的使用旨在解决传统证书管理的问题,提供更高效和安全的签名服务。
(1) Bilinearity: e(aP,bQ)=e(P,Q)
ab
for P; Q 2 G
1
; a; b 2 Z
q
.
(2) Non-degeneracy: There exists P,Q 2 G
1
such that e(P,Q) – 1.
(3) Computability: There exists an efficient algorithm to compute e(P,Q) for any P, Q 2 G
1
.
Computational Diffie–Hellman (CDH) Problem in G
1
: Given a generator P of G
1
, and (aP, bP) for unknown a; b 2 Z
q
;to
compute abP. The CDH assumption is that there is no polynomial-time algorithm that can solve the CDH problem with
non-negligible probability.
2.2. Certificateless proxy signature schemes
A CLPS scheme consists of eight algorithms: Setup, Partial-Private-Key-Extract, Delegate, UserKeyGen, DVerify, PKgen, PSign
and PVerify. The first two algorithms are performed by the KGC, and the rest ones are performed by the users. The description
of each algorithm comes as follows:
Setup: This algorithm accepts a security parameter k and returns a master-key and a list of system parameters params.
Partial-Private-Key-Extract: This algorithm accepts a user’s identity ID and produces the user’s partial private key D
ID
.
UserKeyGen: This algorithm takes as input a user’s identity ID and outputs the user’s secret/public key x
ID
/P
ID
.
Delegate: This algorithm takes as input the original signer’s partial private key D
O
, secret key x
O
, a warrant m
w
and outputs
the delegation
-
=(m
w
,
r
w
).
DVerify: This algorithm takes as input
-
and verifies whether
-
is a valid delegation from the original signer.
PKgen: This is the proxy key generation algorithm that takes as input
-
, the partial private key D
P
and secret key x
P
of the
proxy signer, and outputs a proxy signing key K
P
.
PSign: This is the proxy signing algorithm that takes as input
-
=(m
w
,
r
w
), a proxy signing key K
P
and a message
m 2 {0, 1}
⁄
to generate a proxy signature (m, m
w
,
r
).
PVerify: The proxy signature verification algorithm takes as input the original signer’s identity/public key ID
O
/P
O
, the
proxy signer’s identity/public key ID
P
/P
P
, a proxy signature (m, m
w
,
r
), and outputs true if the proxy signature is valid
or false otherwise.
3. Security definitions of certificateless proxy signature schemes
3.1. Adversaries in certificateless public key cryptography
Two types of adversaries [1] with different capabilities are generally considered in CL-PKC. They are known as Type I
Adversaries and Type II Adversaries.
A Type I Adversary A
I
models an ‘‘outsider’’ adversary, who has the ability to replace the public key of any user with a
value of his choice, but he does not have access to the master-key.
A Type II Adversary A
II
models the KGC who has access to the master-key (which is used to generate a user’s partial private
key) but cannot perform public key replacement.
1
Obviously, a secure CLPS scheme must avoid both types of the adversaries to forge a valid CLPS.
3.2. The model
Boldyreva et al. [3] were the first to introduce a formal security model for proxy signatures. They gave a significant
improvement over previous treatments of proxy signatures in terms of security analysis. Later, Malkin et al. [13] proposed
an extended security model, allowing multi-level proxy signatures. The security model for proxy signatures was further im-
proved in [15], in which they allow the security notion of proxy signature unforgetability under an adaptive chosen message
attack with proxy key exposure. In this paper, integrating the properties of certificateless public key cryptosystems and tra-
ditional proxy signatures, we present the model of certificateless proxy signatures.
Before defining the security model of CLPS schemes, we first discuss the potential attacks on CLPS schemes. Roughly
speaking, a CLPS signature scheme is secure, if the scheme can resist to the following types of attacks:
Type A: A Type I/II Adversary who does not know the full private key of the original signer forges a valid delegation on
behalf of the original signer.
Type B: A Type I/II Adversary who does not know the full private key of the original signer forges a valid proxy signature.
Type C: A Type I/II Adversary who does not know the full private key of the proxy signer forges a valid proxy signature.
1
Note that if A
II
replaces a user’s public key, it is equivalent to a CA in a traditional PKI forgers a user’s certificate. In this way, the trust level of CL-PKC is
similar to the trust level in a traditional PKI.
300 L. Zhang et al. / Information Sciences 184 (2012) 298–309
剩余11页未读,继续阅读
2021-02-08 上传
2006-02-23 上传
Java 1.Conclude the usage of the keyword final and static. 2.Introduction of Parent Delegation Model
2023-05-12 上传
2023-06-07 上传
2023-04-11 上传
2023-06-06 上传
2023-06-06 上传
2024-04-18 上传
2024-02-06 上传
weixin_38587130
- 粉丝: 4
- 资源: 937
我的内容管理
展开
最新资源
- 掌握数学建模:层次分析法详细案例解析
- JSP项目实战:广告分类系统v2.0完整教程
- 如何在没有蓝牙的PC上启用并使用手机蓝牙
- SpringBoot与微信小程序打造游戏助手完整教程
- 高效管理短期借款的Excel明细表模板
- 兄弟1608/1618/1619系列复印机维修手册
- 深度学习模型Sora开源,革新随机噪声处理
- 控制率算法实现案例集:LQR、H无穷与神经网络.zip
- Java开发的HTML浏览器源码发布
- Android闹钟程序源码分析与实践指南
- H3C S12500R升级指南:兼容性、空间及版本过渡注意事项
- Android仿微信导航页开门效果实现教程
- 深度研究文本相似度:BERT、SentenceBERT、SimCSE模型分析
- Java开发的zip压缩包查看程序源码解析
- H3C S12500S系列升级指南及注意事项
- 全球海陆掩膜数据解析与应用
