Research Of Certificateless Signature Based On Bilinear Pairing

Certificateless signature is a kind of digital signature which doesn’t require acertificate to ensure the authenticity of the public key. In the certificateless signature,it solves the key escrow problem because the private key is generated by the user andthe KGC together.Recently, some certificateless signature schemes depend on the KGC’s honestyexcessively, so they are not secure when the KGC is dishonest. In addition, as a kindof digital signature, certificateless signature also exists key exposure problem.Forward-secure digital signature effectively reduces the losses which are producedby the key exposure problem through using the algorithm of updating key.This thesis mainly focused on the research of certificateless signature andforward-secure digital signature. First, aiming at the problems existing in the currentcertificateless signature schemes, we analyzed the essential reasons of the problemsand constructed a certificateless signature scheme which didn’t depend on KGC’shonesty. Second, aiming at the key exposure problem existing in certificatelesssignature schemes, based on the improved certificateless signature scheme, weconstructed a forward-secure certificateless signature scheme by combining theforward security and certificateless signature algorithm.By analyzing the security of a certificateless signature scheme, we pointed outthat the scheme couldn’t resist public key replacement attack under passivedishonest KGC. Aiming at these problems, a new certificateless signature schemewas proposed. In the new scheme, KGC generated the user’s public key and made itpublic. The analysis of security showed that the improved scheme was able to resistpublic key replacement attack under negative dishonest KGC, distinguish thedishonesty of KGC, and resist existential forgery on adaptively chosen messageattack under the random oracle model.Based on the improved certificateless signature scheme proposed by us, we proposed a forward-secure certificateless signature scheme by means of updatingprivate key. In the scheme, the defect that the signature was generated by usingconstant existing in the original scheme was overcome by combining the updatingprivate key and certificateless signature algorithm really. The safety analysis of thenew scheme showed that the new scheme had the security of the originalcertificateless signature scheme, as well as forward security.