基于边缘计算的并行密钥隔离聚合签名方案  被引量：1

作　　者：周利峰 殷新春[1,2] 宁建廷 ZHOU Li-feng;YIN Xin-chun;NING Jian-ting(College of Information Engineering,Yangzhou University,Yangzhou,Jiangsu 225127,China;College of Guangling,Yangzhou University,Yangzhou,Jiangsu 225128,China;College of Computer and Cyberspace Security,Fujian Normal University,Fuzhou,Fujian 350007,China;State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China)

机构地区：[1]扬州大学信息工程学院,江苏扬州225127 [2]扬州大学广陵学院,江苏扬州225128 [3]福建师范大学计算机与网络空间安全学院,福建福州350007 [4]中国科学院信息工程研究所信息安全国家重点实验室,北京100093

出　　处：《电子学报》2024年第3期1002-1015,共14页Acta Electronica Sinica

基　　金：国家自然科学基金(No.62032005,No.61972094);信息安全国家重点实验室项目(No.2021-ZD-02)。

摘　　要：无线医疗传感器网络的出现为患者的治疗带来了极大的便利.但是,无线医疗传感器网络中往往都使用不可信的公共信道进行数据通信并且只有唯一的云服务器处理大量的医疗数据,这就导致了通信安全、隐私保护、密钥泄露、云服务器计算负担过大、延迟高等问题.此外,现有的大多数无证书聚合签名方案无法抵抗完全选择密钥攻击.针对上述问题,本文提出一种适用于无线医疗传感器网络基于边缘计算的无证书并行密钥隔离聚合签名方案.方案引入边缘计算的架构使得签名的验证和聚合过程在更靠近终端用户的边缘层进行,在降低中心云服务器计算负担的同时还能有效的保护患者的隐私.本文方案继承了无证书和密钥隔离技术的优点,同时避免了复杂的证书管理、密钥托管以及密钥暴露等问题.在随机预言模型下证明了本文方案可以抵抗完全选择密钥攻击、Type I攻击以及Type II攻击.性能分析表明,与相关无证书签名方案相比,本文方案的计算开销至少可降低74.03%,通信开销至少可降低25%.The emergence of wireless medical sensor networks has brought great convenience to the treatment of pa⁃tients.However,in wireless medical sensor networks,untrusted public channels are often used for data communication and only a single cloud server processes a large amount of medical data,which leads to communication security,privacy preser⁃vation,key leakage,excessive computational burden on the cloud server,and high latency.In addition,most existing certifi⁃cateless aggregate signature schemes are unable to resist fully chosen-key attacks.Therefore,to address the above problems,a certificateless parallel key isolation aggregate signature scheme based on edge computing for wireless medical sensor net⁃works is proposed.The scheme uses the architecture of edge computing so that the verification and aggregation process of signatures is carried out at the edge layer closer to the end-user,which can reduce the computing burden of the central cloud server and ensure effective privacy protection.The proposed scheme inherits the advantages of certificateless and key isola⁃tion,while avoiding complex certificate management,key escrow,and key exposure.Under the random oracle model,it is proved that the proposed scheme can resist fully chosen-key attacks,Type I attacks,and Type II attacks.The performance analysis shows that,compared with the related certificateless signature scheme,the computational efficiency of the pro⁃posed scheme can be reduced by at least 74.03%,and the communication overhead can be reduced by at least 25%.

关 键 词：无线医疗传感器网络 无证书聚合签名 并行密钥隔离 边缘计算 随机预言模型 完全选择密钥攻击 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]