Security Analysis And Improvement Of A Strongly Secure Certificateless Digital Signature Scheme

In the current era of high-speed information,the requirements for information security are becoming more and more stringent,so cryptography is gaining more and more attention and importance from government,academia and industry in this process.As one of the most important techniques in public key cryptography:digital signature,it has the property of verifying the identity of the sender and the indefectibility of the data.With the introduction of different cryptographic systems,digital signature schemes have been designed in different cryptographic systems one after another,among which the certificateless public key cryptosystem combines the advantages of identitybased cryptosystem and traditional PKI public key cryptosystem,and also overcomes the key escrow problem of identity-based public key cryptosystem and the certificate management problem of PKI system,which has obvious advantages.This paper focuses on the digital signature scheme under the certificate-free cryptosystem,and the main research results are as follows:(1)In this paper,after analyzing a strongly secure certificate-free signing scheme proposed by Hassouna et al.in recent years for security,we obtain the following conclusions.First,the certificate-free signing scheme proposed by Hassouna et al.that uses bilinear pairs cannot verify the integrity of the message,and thus there is a message tampering attack,and second,the signing scheme does not use the private key generated according to the system master key for signing,so it does not satisfy the the definition of a certificate-less signing scheme.And this is analyzed for security purposes.(2)In this paper,we design a strongly secure certificate-free signature scheme on this basis,and prove the security of it.Under the stochastic prediction machine model,based on the elliptic curve Diffie-Hellman problem assumption,it is proved that the scheme can satisfy the definition of the certificate-free signature scheme and resist the attacks that the previous scheme cannot resist as well as the attacks of the first type of strong adversary and the second type of adversary,and satisfy the existential unforgeable security.In the next subsection,the scheme is compared with four other certificate-free signature schemes that have proven to be secure in recent years in terms of theoretical security analysis and efficiency performance as well as implementation in C.The results show that the improved designed scheme has certain advantages.