安全高效无证书有序多重签名方案

无证书密码体制(certificateless cryptography,CLC)将用户私钥拆分为部分私钥和秘密值,其中部分私钥由密钥生成中心(key generator center,KGC)生成,而秘密值由用户自己选定,从而解决了基于身份密码体制所固有的密钥托管问题.此外,由于用户公钥由秘密值决定,无需认证中心(certificate authority,CA)对用户的公钥证书进行管理,解决了传统密码体制的证书管理问题.有序多重签名可用于电子政务和电子商务系统实现公文的逐级审批发布,提高认证效率.将有序多重签名和无证书密码相结合,提出一种安全高效的无证书有序多重签名方案,多重签名的长度及验证时间均与签名者个数无关,是紧致的无证书有序多重签名方案.方案使用较少的双线性对且只有一个签名消息,具有较高的计算效率和通信效率.证明了方案在随机预言模型(random oracle model,ROM)下具有不可伪造性.

Secure and efficient certificateless sequential multi-signature scheme

In the certificateless cryptography(CLC), the user''s private key is split in partial private key and secret value. The partial private key is generated by the key generator center (KGC), while the secret value is chosen by the user itself,and the certificateless cryptography solves the key-escrow problem in the ID-based cryptography( IBC). Furthermore, the user''s public key is generated by the secret value, and there is no certificate authority(CA) to manage the public key certificate. The CLC is also used to eliminate certificates in traditional public key cryptography. The sequential multi-signature scheme could resolve the problem of authentication of recommendation information transmitted through trust train, and improve the efficiency of the verification. We combine the certificateless cryptography with the sequential multi-signature, and propose a secure and efficient certificateless sequential multi-signature scheme, the size of the multi-signature and the time for verification are independent on the number of signers. The scheme uses less bilinear pairing and generates only one signature message,which has lower computation cost and communication cost. Finally, we prove that the scheme can resist the forgery attack under the random oracle model.