摘要
为了提高网络认证效率和安全性,利用双线性对技术提出了一种基于身份的无证书高效签名算法。用户使用的私钥由密钥生成中心和自身共同决定,适用于对密钥生成中心不是非常信任的场合。同时用户一旦发现自身私钥泄漏,通过算法生成新的公钥并重新公布,防止黑客伪造签名,解决了密钥撤销问题。用户在不改变自身公钥的前提下,与其通信的服务器无需维护通行字列表,通过计算身份索引号就能认证用户。该算法具有匿名性和不可否认性,简要分析了算法性能,并基于随机预言机模型证明了该算法在适应性选择消息攻击下不可伪造。
To improve the efficiency and security of network authentication, an efficient Identity-based signature algorithm using bilinearpairing technology without certificate is proposed. The private key of user is decided by key generation center and the user himself, apply to the key generation center is not very trust occasions. Once the private key is leaked, user generates the new public key through the algorithm, preventing hackers to forge signature and solving the key revocation problem. In precondition of unchangeable public key ofuser, the communications server need not to maintain a certification list of common words, by calculating the index number will be able to authenticate the user identity. In addition, the algorithm has the anonymity and non-repudiation. Finally, a brief analysis of algorithm performance and based on the random oracle model show that the algorithm under adaptive chosen message attack can not be forged.
出处
《计算机工程与设计》
CSCD
北大核心
2011年第10期3287-3291,共5页
Computer Engineering and Design
关键词
密钥生成中心
身份签名
双线性对
认证
匿名性
key generation center
identity-based signature
bilinear pairing
authentication
anonymity