改进的多接收者签密方案  被引量：10

作　　者：李慧贤[1] 陈绪宝[1] 巨龙飞[1] 庞辽军[2] 王育民[2] 

机构地区：[1]西北工业大学计算机学院西安710072 [2]西安电子科技大学综合业务网国家重点实验室西安710071

出　　处：《计算机研究与发展》2013年第7期1418-1425,共8页Journal of Computer Research and Development

基　　金：国家自然科学基金项目(61103178);高等学校博士学科点专项科研基金项目(20096102120045)

摘　　要：针对现有签密方案存在的可能泄漏接收者隐私、解签密不公平和无公开验证性等问题,采用拉格朗日插值函数方法对其进行改进,提出了一个新的基于身份的多接收者签密方案.新方案将接收者解签密所需的身份信息揉合在一起,实现对接收者隐私的保护,具有解签密匿名性;每一个接收者解密所需密文信息相同,满足解签密公平性;任何第三方在仅拥有密文时就可验证密文发送方的身份,满足公开可验证性.与现有签密方案相比,新方案具有更小的计算量和密文长度.在随机预言模型下,给出了新方案基于双线性Diffie-Hellman(bilinear Diffie-Hellman,BDH)问题假设和计算Diffie-Hellman(computational Diffie-Hellman,CDH)问题假设的安全性证明.Signcryption is a public key cryptographic primitive that combines the functionalities of encryption and digital signature in a single logical step with low-overhead computation and communication. Some secure problems are found in the existing multi-receiver signcryption scheme, that is, disclosure of the recipients＇ privacy, unfair de-signcryption and no public verifiability. In order to solve these problems, a new identity-based multi-receiver signcryption scheme is presented by using Lagrange interpolating polynomial in this paper. The proposed scheme has three major features. the anonymous de-signcryption which can protect the recipients＇ privacy by gathering identity information of all the authorized recipients, the fair de-signcryption which means the same ciphertexts are received by all the authorized recipients, and the public verifiability which ensures that any third parties are able to verify the validity of the sender by the eiphertext only. Moreover, the signer only needs to compute one bilinear paring operation and one exponent operation in the implementation of the proposed scheme. Compared with the existing signcryption schemes, the proposed scheme is more efficient in the computational complexity and ciphertext size. Finally, we prove its semantic security under the hardness of bilinear Diffie-Hellman （BDH） problem and its unforgeability under the computational Diffie-Hellman （CDH） assumption in the random oracle model respectively.

关 键 词：多接收者签密 匿名性 公平性 公开验证性 可证明安全 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]