群智感知中基于区块链的带时效签密方案  被引量：3

作　　者：王利朋 陈钟[1] 关志[1] 李青山[1] WANG Li-Peng;CHEN Zhong;GUAN Zhi;LI Qing-Shan(School of Electronics Engineering and Computer Science,Peking University,Beijing 100871;College of Information Science and Technology,Zhengzhou Normal University,Zhengzhou 450044)

机构地区：[1]北京大学信息科学技术学院,北京100871 [2]郑州师范学院信息科学与技术学院,郑州450044

出　　处：《计算机学报》2021年第11期2216-2232,共17页Chinese Journal of Computers

基　　金：国家重点研发计划(2020YFB1005404,2018YFB0803601);河南省高等学校重点科研项目计划(22A520048,20B520040)资助.

摘　　要：用户利用手机或者智能手环等终端设备收集环境数据,但数据在传输过程中极容易遭受窃听、篡改等威胁.基于椭圆曲线提出一种无证书签密方案,以保障信息的安全性和可验证性.基于离散对数和计算性Diffie-Hellman问题,在随机预言机模型下证明了方案的机密性和不可伪造性,此外新方案具有公开验证性和匿名性等安全属性.为了方便对终端设备的精确控制,提出一种适配于签密方案的节点退出机制,在该机制中,基于区块链进行公钥时效管理,确保设备按照配置策略退出.公钥信息存储在区块链中,避免了针对公钥信息恶意篡改的问题.由智能合约更新公钥有效性,无需人工参与,确保时效管理模块的可信性.区块链执行公钥时效更新操作,不占用物联网设备的计算资源.性能分析显示,新方案具有较短的密钥长度,较低的计算复杂度.在实验仿真部分,首先给出了签密算法各个步骤执行时间的对比结果,并分析了数据量对签密算法性能的影响.然后给出了引入时效管理模块后签密算法执行的时间,结果显示签密步骤性能损失约为7%,解签密步骤性能损失不到1%,而且两个步骤执行时间均不超过120 ms,能够有效适配到物联网应用场景中.Users can utilize terminal devices such as mobile phones or smart bracelets to collect surrounding data,but those data are vulnerable to network threats such as eavesdropping and tampering during data transmission.In order to guarantee the security and authenticity of the users’data,a certificate-less signcryption scheme based on the elliptic curve is proposed.The proposed scheme includes seven steps which are setup,genPartialKey,genPrivateKey,genPublicKey,signCrypt,unSignCrypt and verifySign.For the setup step,with the input of security parameters,key generation centers(KGCs)output the system master key and public parameters.During the genPartialKey phase,KGCs and users take the system master key,user identities and other parameters as inputs to generate partial keys for users.The next step is to generate private keys.The fourth step is to generate those users’public keys.For the signCrypt phase,a sender calculates the ciphertext for the original plaintext with public parameters and other information as inputs.The sixth step is to perform the decryption operation,and after that the receiver outputs the plaintext corresponding to the given ciphertext.The final step is to verify the decrypted plaintext with public keys and other parameters.All the above steps do not include bilinear pairing operations,which are time consuming.Based on the intractability of the elliptic curve discrete logarithm problem and the elliptic curve Diffie-Hellman problem,confidentiality and unforgeability of the proposed method are proved in the random oracle model.The new scheme also owns other security attributes such as public verification,anonymity,which are also discussed in the paper.For precise control of sensing devices,we propose a node withdrawal method,which can be adapted to the new signcryption scheme.The new node withdrawal method introduces a public key aging mechanism based on blockchain to guarantee that a device can exit according to system configurations.Public keys of those devices are stored in blockchain with the

关 键 词：群智感知 区块链 时效性 离散对数 签密 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]