Research On Certificateless Digital Signature Schemes

Posted on: 2016-01-02
Degree: Master
Type: Thesis
Country: China
Candidate: D R Zhou
Full Text: PDF
GTID: 2308330470976886
Subject: Computer technology
Abstract/Summary:
Certificateless public key cryptography (CLPKC) is a cryptographic system that sits between the traditional public key cryptosystem and the identity-based public key cryptosystem. CLPKC has two advantages: it does not need to manage public key certificates, and it overcomes the key escrow problem. In CLPKC, the key generation center (KGC) generates each user's partial private key using a master key. The user then combines the partial private key with secret information of his or her own choosing to generate the full private key.

Based on these advantages of CLPKC, this dissertation focuses on certificateless digital signature schemes. The major contributions of the work are as follows:

(1) We analyze the security of three certificateless aggregate signature (CLAS) schemes based on bilinear pairing. The CLAS primitive combines signatures from different users on different messages into a single, compact signature. The verifier only needs to verify the aggregate signature to confirm whether the users participated in the aggregate signing process, so CLAS improves the efficiency of communication and verification. We analyze the security of three CLAS schemes: Yu et al.'s, Cao et al.'s and Hou et al.'s. First, we point out that the KGC can mount passive attacks against Yu's scheme and Cao's scheme, and that the KGC can mount both passive attacks and active attacks against Hou's scheme. Second, we describe the concrete forgery attacks against these schemes and simulate the KGC successfully forging certificateless aggregate signatures. Finally, we analyze in depth the reasons these schemes are vulnerable to the KGC attack.

(2) We study the revocation problem for certificateless signatures in CLPKC. In a certificateless signature system, revoking a user's signing right is extremely important. However, most existing revocable certificateless signature (RCLS) schemes share a common flaw: the user's signing right is revoked by an online, semi-trusted security mediator (SEM), which reduces the security of the certificateless signature system. To solve this problem, we present an efficient RCLS scheme based on the idea of a time update key. Under the computational Diffie-Hellman hardness assumption, the new scheme is proved secure against attacks by the KGC, ordinary users and revoked users. Our RCLS scheme has two advantages. On the one hand, it is more efficient than existing similar schemes, since it needs only three pairing operations. On the other hand, it raises the security of the RCLS system, since the scheme transfers the partial private key and the time update key via public channels.
Keywords/Search Tags: certificateless public key cryptography, bilinear pairing, aggregate signature, revocable signature, key generation center attack