ISSN 1000-1239 CN 11-1777/TP

• 论文 • 上一篇    下一篇

不使用双线性对的无证书签密方案

朱辉 李晖 王育民   

  1. (计算机网络与信息安全教育部重点实验室(西安电子科技大学) 西安 710071) (zhuhui@xidian.edu.cn)
  • 出版日期: 2010-09-15

Certificateless Signcryption Scheme Without Pairing

Zhu Hui, Li Hui, and Wang Yumin   

  1. (Key Laboratory of Computer Network and Information Security (Xidian University), Ministry of Education, Xian 710071)
  • Online: 2010-09-15

摘要: 签密能够在一个合理的逻辑步骤内同时完成对信息的数字签名和公钥加密,其计算量和通信成本均大幅低于传统的“先签名后加密”,基于离散对数提出了一种不使用双线性对的无证书签密方案,并在随机预言机模型下给出了安全性证明,在CDH和DL假设下,该方案被证明是安全的,此外该方案还具有公开验证、前向安全和不可否认等安全属性.在计算效率方面,该方案仅需3次指数运算,与其他无证书签密方案相比,不进行对运算效率更高.

关键词: 无证书, 签密, 离散对数, 双线性对, 随机预言机模型

Abstract: Signcryption is a cryptographic primitive that fulfills both the functions of the public key digital signature and the public key encryption in a logical single step, at a cost in the computational and communication significantly lower than that required by the traditional “signature then encryption” approach. Based on discrete logarithm, a new certificateless signcryption scheme without using the bilinear pairings is presented in this paper, and the method to build certificateless signcryption scheme without using the bilinear pairings seems to have never been addressed in the existing literatures. The security analysis of the proposed scheme in the implementation plan with the random oracle model is presented in this paper, and the results show that the proposed scheme is secure on the assumption that the compute Diffle-Hellman problem and the discrete logarithm problem are the difficult problems. The proposed scheme also has the security properties of confidentiality, non-forgeability, publicly verifiability, non-repudiation and perfect forward security, etc. Moreover, the implementation of the proposed scheme only requires three times exponent operations and without any bilinear pairing operation. Compared with other existing certificateless signcryption schemes in the computational complexity, the proposed scheme is more efficient.

Key words: certificateless, signcryption, discrete logarithm, pairing, random oracle model