With the increasing dependence on the internet,people are increasingly paying attention to and attaching importance to information security issues.As an important technology of information security,digital signature can provide users with three technical supports: identity authentication,data integrity and non-repudiation.At present,the research on digital signature is mainly based on three different public key cryptography algorithms,namely traditional PKI-based public key cryptography,identity-based public key cryptography and certificateless public key cryptography.PKI-based public key cryptography has public key management problem and identity-based public key cryptography has key escrow problem,while certificateless public key cryptography can effectively avoid such security problems,so its security is relatively higher.In addition,it is more efficient and has important practical research significance.The advantages of high reliability and high efficiency of the certificateless public key cryptography are continuously reflected in practical applications.This thesis proposes two digital signature schemes,that is,a linkable certificateless ring signature and a certificateless aggregation signature.The advantages of two schemes are that it inherits the high reliability and high efficiency of the certificateless public key cryptography,and further their privacy is enhanced.The research work of this paper is as follows:(1)The research status of the ring signature and aggregate signature is reviewed.The mathematical theory knowledge involved in the digital signature algorithms is introduced,including algebra basic knowledge,elliptic curve,bilinear mapping and its difficult problems.(2)A linkable certificateless ring signature scheme is proposed.Combing the linkable feature with the certificateless ring signature scheme,the scheme overcomes the certificate management problem and the key escrow problem,and it can protect the privacy of the user while avoiding the abuse of the signature right,hence,it reduces the dependence on trusted third parties and increases the efficiency of the solution.Due to the problem of low computational efficiency of the bilinear pairing,our scheme proposes a certificateless ring signature scheme based on discrete logarithm without using bilinear pairing,which has higher computational efficiency.In addition,the unforgeability of the scheme is proved in the random oracle model.(3)A certificateless aggregation signature scheme is proposed.Combing the aggregate signature algorithm with the certificateless public key cryptography,it can aggregate n signatures from n users corresponding to n different messages into a single short signature.In addition,it can simplify the verifications of n signatures into a single verification,which not only eliminates the reliance on the trusted third parties,but also greatly reduces computational overhead and bandwidth usage in resource-constrained environments.In addition,based on the difficulty of the computational Diffie-Hellman problem,the unforgeability of the scheme under the random oracle model is proved.Our certificateless aggregation signature scheme reduces the calculation of two bilinear pairs in the aggregation verification stage,and so the calculation efficiency is greatly improved and the utility is stronger. |