
Research On Authentication Schemes Based On Bilinear Pairings

Posted on: 2010-02-12
Degree: Doctor
Type: Dissertation
Country: China
Candidate: G Z Hu
GTID: 1118360275986951
Subject: Computer software and theory

Abstract/Summary:
With the rapid development of computers and networks, information security has become one of the most important problems in the information society. Authentication schemes are among the most useful and fundamental primitives in public key cryptography; they apply cryptographic methods to provide security services such as authenticity, integrity and non-repudiation. Digital signatures and identification protocols are crucial techniques for realizing secure e-commerce and secure e-government. Researchers have done much work on authentication schemes and achieved a great deal. However, some issues in authentication schemes have not been resolved effectively, and further research on them is necessary.

Provable security is the basic requirement of digital signature schemes. Most existing digital signature schemes are provably secure in the random oracle model. However, the idealized random oracle model has certain limitations: ideal random functions cannot be implemented in the standard model. Designing an efficient signature scheme that is provably secure in the standard model is therefore an important issue. A new and efficient signature scheme based on bilinear maps is presented, which is provably secure in the standard model. The security of the proposed scheme is based on the strong Diffie-Hellman (SDH) assumption, and a formal security proof is given under the SDH assumption in the standard model. The proposed scheme is practical: signature generation requires no bilinear map computations, and verification requires only two.

As a variant of ordinary signature schemes, proxy signature schemes allow original signers to delegate their signing rights to proxy signers and are useful in many applications. However, most existing proxy signature schemes have drawbacks. Some schemes have only heuristic analysis, that is, they have no formal security models and no rigorous security proofs; others are provably secure only in weak security models that do not consider real attacks such as chosen key attacks and chosen delegation warrant attacks. To overcome these flaws, two new enhanced formal security models for proxy signature schemes are presented: the enhanced registered key model and the chosen key model. Two proxy signature schemes based on bilinear maps are proposed: one is provably secure in the enhanced registered key model and the other is provably secure in the chosen key model. In both proposed schemes, ordinary signatures and proxy signatures are all short signatures, i.e., each signature is represented by only one element of the employed group. The security proofs of the two proposed proxy signature schemes reduce the security of the proxy scheme directly to that of the basic signature schemes.

An aggregate signature scheme is a digital signature scheme that allows a collection of signatures to be compressed into one short signature. Aggregation is useful for reducing bandwidth and storage. To reduce the amount of memory required to store standard signatures and proxy signatures, and the computational time required to verify their validity, a new notion called unrestricted hybrid aggregate signatures is introduced and formalized. Unlike previous aggregate signatures, unrestricted hybrid aggregate signatures can simultaneously aggregate standard signatures and proxy signatures into a single short signature and, more importantly, do not require that all the signers and/or all the messages be distinct. The single signature convinces the verifier that all the signers did indeed sign the corresponding messages. A concrete unrestricted hybrid aggregate signature scheme, UHAS, based on bilinear maps is proposed. UHAS is shown to be provably secure in the random oracle model under the computational co-Diffie-Hellman assumption.

Certificateless signatures are a new and attractive paradigm that eliminates the use of certificates required in traditional PKI while also solving the key escrow problem inherent in identity-based cryptography. Unfortunately, many proposed certificateless signature schemes have security flaws. Several certificateless cryptosystems are analyzed: a certificateless signature scheme, a certificateless proxy signature scheme, a mediated certificateless signature scheme, and a certificateless signature scheme provably secure in the standard model. It is shown that these certificateless signature schemes are all insecure against key replacement attacks and/or malicious KGC attacks. The reasons for these flaws are discussed, and defense measures and improved schemes are given.

Most existing identification protocols are provably secure in the random oracle model. In this thesis, two efficient ID-based identification schemes are presented that are provably secure in the standard model based on the strong Diffie-Hellman assumption. It is shown in the standard model that one scheme is secure against impersonation under passive attack and the other is secure against impersonation under active and concurrent attacks.

Keywords/Search Tags: digital signatures, proxy signatures, aggregate signatures, certificateless signatures, bilinear pairing, security model, provable security