Research On Provably Secure Aggregate Signature Schemes And Their Applications

Cryptography provides the key theory and technology for various security requirements.Digital signature is a fundamental tool for authentication,non-repudiation and integrity verification,which makes it attractive to the research community and industrial world.With the development of network technology and application,there are many kinds of digital signatures that can meet the needs of different applications.Especially,the aggregate signature has become a hotspot of research in the field of cryptology and information security.The aggregate signature is a kind of digital signature with additional properties,which can combine many signatures generated by many different users into a short one,the verifier only needs to check the aggregate signature instead of all the individual signatures,so it can decrease transmission and storage cost of signatures,and it also can provide security services such as data integrity verification,authentication and non-repudiation.Therefore,it is very valid in compressing signatures,reducing the transmission and storage cost for networks.It is a digital signature technology with broad prospects and can be a decisive building block in many situations.This thesis focuses on data security,builds strong and reasonable security model and provably secure aggregation signature schemes under the security model,and provides the application research of aggregate signatures.The security model is the foundation of security proof.The former security models of aggregate signatures are not reasonable,and they do not consider the capabilities and types of attackers according to different application situations.For example,in situations with high-security requirements,the security model should stand up against all kinds of coalition attacks.Coalition attack means that some signers use a set of individual signatures which include at least one invalid single signature to generate a valid aggregate signature.Most of the former security models have not clearly described it,and the coalition attack is practical because the adversary can get control of some signers.So,such coalition attack should be taken into account in an appropriate security model with high-security requirements.Most of the work in this thesis is based on the new security models.First,according to an improved coalition resistance security model,an efficient aggregate signature scheme for healthcare wireless sensor networks is proposed.The unique way to produce a valid aggregate signature is that all involved individual signatures are valid.This scheme contains a system model which consists of four parts: authorized healthcare professionals,medical server,aggregator and sensors.The scheme needs to consider three problems: network congestion,coalition attacks and data integrity protection.Second,for wireless sensor networks,an identity-based aggregate signature scheme with a designated verifier is given.Through a game played with a challenger and an adversary,the identity-based aggregate signature security model is introduced which also can resist coalition attacks.The system model of this scheme has three components: data center,aggregator and sensor nodes.Sensors are able to sign messages generated from the physical world,and send messages and their signatures to their aggregator.The aggregator works as a cluster head,it generates aggregate signatures and sends them to the data center.Furthermore,the detailed security proof is given based on the computational Diffie-Hellman assumption.Then,a modified security model for certificateless aggregate signature and a provably secure certificateless aggregate signature scheme are provided.The new model gives the adversary more capacities,and the adversary can access the relevant oracles to gain every signer'private key.The highlight of the security model is that the only way to generate a valid certificateless aggregate signature is that all individual ones involved are valid.The security of the present scheme according to the improved security model is rigorously proved based on the computational Diffie-Hellman assumption.Last,an aggregate signature scheme based on a linearly homomorphic signature is given.The signature on a linear subspace can be taken as the collection of signatures on the space's basis vectors,that is to say,once receiving the signatures on the basis vectors for a subspace V and the corresponding linear coefficients,a signature on V can be made.This scheme holds linearly homomorphic property and aggregate property,and it is very helpful in batch verification for data integrity.