一种基于证书的数字签名方案  被引量：2

作　　者：安浩杨 何德彪 包子健 彭聪 AN Haoyang;HE Debiao;BAO Zijian;PENG Cong(School of Cyber Science and Engineering,Wuhan University,Wuhan 430072,China;Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education,Wuhan University,Wuhan 430072,China)

机构地区：[1]武汉大学国家网络安全学院,武汉430072 [2]武汉大学空天信息安全与可信计算教育部重点实验室,武汉430072

出　　处：《信息网络安全》2023年第3期13-21,共9页Netinfo Security

基　　金：国家重点研发计划[2021YFA1000600];中央高校基本科研业务费专项资金项目[2042022kf0045];国家自然科学基金[U21A20466,61972294,61932016]。

摘　　要：数字签名是实现数字认证的重要工具之一,具有身份合法性认证、抗抵赖、防伪造等特性,普遍应用于网络通信、电子商务等场景。基于证书签名是一种特殊的签名算法,该算法可以同时解决传统数字签名算法的证书验证问题和基于身份数字签名算法的密钥托管问题。文章提出一种基于证书的数字签名方案,证书颁发机构不需要将证书状态信息提供给整个系统,只需要联系证书持有者进行吊销和更新即可。文章所提方案由系统初始化算法、用户密钥生成算法、证书授权算法、签名算法和验证算法构成。文章在随机谕言机模型中证明该方案可以同时抵抗Type I敌手和Type II敌手,满足自适应选择消息攻击下的存在性不可伪造。与其他基于证书签名方案相比,文章所提方案在通信开销方面具有明显优势,更适用于通信资源有限的应用场景。Digital signature is an important tool to realize digital authentication.It has the characteristics of identity authentication,anti-repudiation,and anti-forgery.Therefore,it is widely used in current network communication,e-commerce and other scenarios.Certificate-based signature is a special signature algorithm that can solve both the certificate verification problem in traditional signature algorithms and the key escrow problem in identity-based signature algorithms.This paper proposed a certificate-based digital signature scheme.The certificate authority did not need to provide certificate status information to the entire system,but only needed to contact the certificate holder for revocation and renewal.The scheme proposed in this paper consisted of system initialization algorithm,user key generation algorithm,certificate authorization algorithm,signature algorithm and verification algorithm,and it was proved in the random oracle model that the scheme can resist both Type I and Type II adversaries.The existence of unforgeability under adaptive chosen message attack was satisfied.Compared with other certificate-based signature schemes,the scheme proposed in this paper has obvious advantages in communication overhead and is more suitable for application scenarios with limited communication resources.

关 键 词：SM9数字签名算法 基于证书签名 双线性对 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]