Certificate-based Multisignature And Its Applications

With the rapid development of information technology,the present society has entered the era of Internet.While Internet is profoundly changing people's clothing,food,housing and lifestyle,there are also many urgent problems that need to be solved.Among them,cyberspace security is a problem that people pay much attention to.As an important technology of cyberspace security,digital signature can guarantee the authenticity,integrity and non-repudiation of information in the process of internet information transmission.Multisignature technology is a technique used by multiple signers to cooperate to generate a signature for a single message.And the signature verifier can verify whether these signers actually participated in signing the message.Multisignature can effectively compress the total length of digital signatures,which leads to a reduction for transinformation and network transmission pressure.It can also improve the efficiency of signatures verification.Since the concept of multisignature was put forward,a number of the multisignature schemes have been presented in the setting of traditional public-key cryptography,which suffer from the complex certificate management problem.To solve this problem,some identity-based multisignature schemes and certificateless multisignature schemes have subsequently been proposed in recent years.However,no certificate-based multisignature scheme is available in the literature.Certificate-based cryptography overcomes the certificate management problem in the traditional public-key cryptography.Also,it does not have the inherent key escrow problem in the identity-based setting.Irn addition,compared with the certificateless cryptography,which requires a secure channel for partial private key transmission,the certificate of a user in the certificate-based cryptography can be transmitted in a public channel,which saves the communication resources to a great extent.This paper combines certificate-based cryptography and multisignature to pioneer the the formal definition and security model of certificate-based multisignature.Then,this paper constructs two certificate-based multisignature schemes based on the proposed formal definition of certificate-based multisignature.Scheme CBSMS is a sequential multisignature scheme.This scheme uses bilinear mapping as a basic tool in the design,and applys the idea of BLS short signature to generate certificates for users.In addition,the length of the sequential multisignature 1s the same as the length of a single signature,which means the scheme CBSMS is efficient and compact.Scheme CBBMS is a broadcast multisignature scheme.The designing idea of this scheme is similar to that of scheme CBSMS.These two schemes are both designed based on bilinear pairing,and the generation of certificates and partial signatures applies the technique of BLS short signature.The generation of multisignatures takes advantage of the collision stability of the Hash function to resist the internal collusion attack of the signers.The signature structure of scheme CBBMS is relatively simple and the generated multisignature is shorter in length.Then,based on the proposed security model of certificate-based multisignature,it is proved that the scheme CBSMS and CBBMS are secure based on the CDH(Computational Diffie-Hellman)difficult problem assumption in the random oracle model.Finally,this paper discusses the practical application of certificate-based sequential multisignature scheme CBSMS and broadcast multisignature scheme CBBMS.Applying the scheme CBSMS to e-government,in view of the approval of the proposals in the government administration,it can be achieved that leaders at each level approval proposals according the level.In this scheme,leaders do not need to negotiate a shared key to generate the multisignature.Besides,being online at the same time for leaders at each level to generate the partial signature of the proposal is not necessary.Thus,leaders can choose a flexible time to sign the proposal.Then this paper applies the scheme CBBMS to blockchain,for the case where multiple parties in the blockchain share a same capital.It can reduce the data of transaction orders using this type of capital as transaction input,which compresses the size of blockchains effectively.It can also be achieved to track specific parties based on the certificate in the scheme when necessary.Therefore,the certificate-based multisignature schemes proposed in this paper have a certain theoretical and realistic significance.