Research On Proxy Resignature Based On Implicit Certificate And Explicit Certificate

The existing identity-based proxy re-signature schemes have the inherent key escrow problem.And in the certificateless proxy re-signature schemes,there exist the public key replacement attack because the user's public key is not associated with his or her identity.In response to the above problems,a new proxy re-signature scheme based on implicit and explicit certificates is proposed for the first time in this paper.The implicit certificate in the scheme eliminates the key escrow problem and the explicit one relieves the attack of public key replacement.Firstly,this paper presents the formal definition and security model of the new proxy re-signature,and constructs a concrete proxy re-signature scheme based on implicit and explicit certificates.In the scheme,short signature technique is used to construct certificates.Among them,the implicit one serves as partial private key to solve the key escrow problem,and the explicit one is used for public key authenticati-on.The public key authentication and signature verification are completed simultane-ously without prior operation.The original signature algorithm is constructed by using hash function mapping to integer and short signature technique,and the re-signature algorithm is constructed by the addition and point multiplication in elliptic curve additive cyclic group.Then,the correctness of the proposed scheme is verified by bilinear pairing.In the random oracle model,the scheme is proved to be unforgeable under the assumptions of CDH problem and Inv-CDH problem.So,the scheme can resist the attack of public key replacement and the attack from malicious KGC.Finally,the properties and efficiency of the scheme are discussed and the code implementation of the scheme is also given.This scheme is a bidirectional and multi-use proxy re-signature scheme,which also satisfies the properties of transparency,private proxy and non-distinguishable.In this scheme,the original signature algorithm adopts ZSS short signature,which does not involve pairing operation.Moreover,the hash function in the algorithm maps a string to an integer inZ_p^*rather than an element of group₁G,which is more efficient.The re-signature algorithm only needs two additions and one point multiplication in the groupG₁,which costs little.The results of signature and re-signature algorithms are both elements of groupG₁.The length of re-signature does not increase with the rise of the number of conversions,so it occupies less memory space.The experimental results show that the signature,re-signature and verification algorithms take few time,and the length of re-signature is the same as the original signature.The experimental results are consistent with the theoretical analysis.