一种抗伪造攻击的车联网无证书聚合签密方案  被引量：4

作　　者：潘森杉 王赛妃 PAN Senshan;WANG Saifei(Jiangsu Key Laboratory for Industrial Network Security Technology,Jiangsu University,Zhenjiang 212013,China;College of Computer and Communication Engineering,Jiangsu University,Zhenjiang 212013,China)

机构地区：[1]江苏大学江苏省工业网络安全技术重点实验室,江苏镇江212013 [2]江苏大学计算机科学与通信工程学院,江苏镇江212013

出　　处：《西安电子科技大学学报》2023年第2期169-177,共9页Journal of Xidian University

基　　金：国家重点研发计划基金(2020YFB1005500);国家自然科学基金青年基金(61702230,61902156,61802154);中国博士后科学基金(2019M651738);江苏省前沿引领技术基础研究专项(BK20202001)。

摘　　要：车联网给现代交通系统带来了极大的便利并受到人们的广泛关注。在车联网中,车辆访问控制的身份认证和发送消息的隐私性是两个关键问题。同时,由于有限的带宽以及车辆的高移动特性,验证效率也至关重要。聚合签密方案可以有效解决上述问题。但现有部分基于Schnorr签名的聚合签密方案未对密钥进行正确的哈希绑定,而无法抵御两类公钥替换攻击;且在进行聚合签密时,用户间交换部分签密信息生成的单个无效签密仍能通过聚合签密验证,故无法抵御合谋攻击。基于上述问题提出了一种新的面向车联网的无证书聚合签密方案。该方案利用密钥原像保护技术抵御公钥替换攻击,利用哈希抗碰撞特性抵御合谋攻击。在随机预言机模型下,证明了该方案的机密性与不可伪造性。与现有方案相比,该方案增强安全性的同时并未增加计算开销,整个验证阶段仍只需要6 n+1次点乘操作。性能分析表明,该方案完全适用于车联网。Vehicular ad-hoc networks(VANETs)have received substantial attention on account of great convenience to modern transportation systems.In VANETs,the authentication of the vehicular access control and the privacy of the messages are two crucial criteria.At the same time,verification efficiency is still critical due to the limited bandwidth and high mobility characteristics of vehicles.Aggregate signcryption schemes can effectively solve the above issues.However,some of the state-of-art schemes based on the Schnorr signature are unable to resist two types of signature forgery attacks due to incorrect hash binding.In addition,two vehicles can maliciously exchange their signcryption information which can be verified successfully.A new certificateless aggregate signcryption scheme for VANETs is presented.Secret key preimage protection technology is used to prevent signature forgery attacks and hash collision resistance is utilized to resist coalition attack.The confidentiality and unforgeability of the scheme are proved under the random oracle model.Furthermore,in comparison with the state-of-art schemes,the proposed scheme which requires 6n+1 point multiplication operations during the whole authentication process enhances security without increasing computational overhead.Performance analysis shows that the scheme is suitable for VANETs.

关 键 词：无证书聚合签密 身份认证 车联网 公钥替换攻击 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]