Study On Multivariate Signature Scheme With Extended Attributes

In recent years,the scientists at home and abroad have made important progress in the study of quantum computers.Once quantum computers that could be used to crack encryption systems come out,the security of the most widely used public key cryptosystems such as RSA and ECC,would be seriously threatened.Therefore,in order to resist future attacks based on quantum computers,there was an urgent need to research post-quantum cryptosystems that can resist quantum attacks.The post-quantum cryptosystems have been developed for about 30 years,especially the field of signatures have developed rapidly in the past 10 years,and the multivariate public-key cryptosystem was currently considered to be a secure cryptosystem alternative in the quantum era.There remained two problems of the current multivariate public-key cryptosystem:There was only one verification condition of the original multivariate signature model,so a certain number of existing multivariate signature schemes could not resist forgery signature attacks and key recovery attacks under the original model.In addition,although there were a large number of signature and encryption schemes in the field of multivariate public key cryptography,there was a lack of research on multivariate signature schemes with extended properties,such as multivariate aggregation signature schemes and multivariate blind aggregation signature schemes.In view of the single verification condition of the original multivariable signature model and the existence of security threats,the security of existing multi-variate signature model was analyzed,and an improved signature model that could resist forgery signature attacks and an improved signature model that could resist key recovery attacks were designed by enhancing signature verification conditions.Aiming at the problem of insufficient research on multivariable signature schemes with extended attributes,we studied the identity authentication protocol based on the MQ problem,and designed a multivariate aggregation signature scheme combining the Rainbow and the MQDSS scheme.The specific work content is as follows:(1)A multivariate improved signature model that could resist forgery signature attacks was designed.In order to solve the defect that the original multivariate signature model had a single verification condition,an improved multivariate signature model was designed by enhancing the signature verification conditions with the additional signature values.And taking the MI scheme as an example,the original model and the improved model were compared and analyzed.Analysis showed that on the basis of maintaining the security of the original model,the improved model could effectively resist forgery signature attacks including the linearized equation analysis method,and obtained higher security with a small amount of computational cost.(2)A multivariate improved signature model that could resist key recovery attacks was designed.The improved model required the corresponding private key and exact internal information to generate an accurate signature.The signature verification not only needed to verify the original external information,but also the internal information.If there was no exact private key,the forged signature generated by the key recovery attack method would not pass the verification.Taking the HFE scheme as an example,the signature and verification process of the improved model were explained in detail,and the performance comparison was caried out.The analysis showed that the improved model could effectively resist key recovery attacks and obtained higher security with a small amount of computational cost.(3)A multivariate aggregation signature scheme based on MQ authentication protocol was designed.The identity authentication protocol based on the MQ problem was researched,and a multivariate aggregation signature scheme was designed by combining the Rainbow scheme and the MQDSS scheme.And from the perspective of correctness,zero-knowledge,soundness and unforgeability,the provable security analysis of the multivariate aggregation signature scheme was carried out to prove that the designed scheme met the security requirements such as unforgeability.The performance analysis of the multivariate aggregation signature scheme was carried out from the perspectives of reduced signature length,parameter selection and experimental analysis.In addition,a blind attribute analysis of the designed scheme was carried out.The analysis showed that the designed scheme could be extended to a multivariate blind aggregation signature scheme.The designed multivariate improved signature models and multivariate aggregated signature scheme provided a useful supplement to the security signature schemes in the quantum era.The operation of the multivariate public key cryptographic scheme only involved addition and multiplication on a finite field,which had high efficiency and security,especially suitable for occasions with limited storage space and computing time,such as wireless sensor networks and the Internet of Things.Multivariate schemes with short signatures were helpful for their application in actual restricted environments,while signature schemes with extended attributes would enrich existing multivariate schemes.At the same time,the provable security based on the identification protocol also provided a design idea for the secure multivariable signature scheme.