摘要
随着工业物联网的快速发展,如何保障签名过程中用户私钥在不安全的云环境中不被泄露已成为亟待解决的问题。为了降低密钥泄露带来的危害,密钥隔离机制成为解决该问题的核心技术之一。无证书签名方案的提出是为了解决复杂的证书管理过程及密钥托管问题,文章将密钥隔离与无证书签名相结合,提出了无证书并行密钥隔离签名概念和安全模型,并给出了具体构造方案,引入两个协助器交替更新签名临时私钥,增强系统抵御密钥泄露能力。文章还在随机预言机模型下证明了该方案的安全性,满足密钥隔离安全的所有性质。
With the rapid development of the industrial Internet of things, an urgent problem is to keep the user's private key during the signing process from being leaked in an insecure cloud environment. To reduce the danger of the private key leakage, the keyinsulated mechanism has been introduced. In addition, certificateless signature scheme is proposed to solve the complex certificate management process and key escrow problem.This paper incorporates the key-insulated mechanism and certificateless signature to obtain a certificateless parallel key-insulated signature, which we give the definition and security model of the new system. Two introduced helpers in our scheme can alternately help user update the temporary private keys, which can enhance the security of the system. Besides, the security of the scheme is proved in the random oracle model, which satisfies all the properties of the key-insulated security.
作者
陈亚楠
梅倩
熊虎
徐维祥
CHEN Yanan;MEI Qian;XIONG Hu;XU Weixiang(School of Traffic and Transportation,Beijing Jiaotong University,Beijing 100044,China;Teaching Department of Basic Course,Jiangxi University of Science and Technology,Nanchang Jiangxi 330013,China;School of Information and Software Engineering,University of Electronic Science and Technology of China,Chengdu Sichuan 610054,China)
出处
《信息网络安全》
CSCD
北大核心
2018年第10期1-9,共9页
Netinfo Security
基金
国家自然科学基金[61672002,61370026,61672135]
“十三五”国家密码发展基金密码理论研究课题[MMJJ20170204]
中央高校基本科研业务费专项资金[ZYGX2016J091]
四川省科教计划项目[2016JZ0020]
广东省科教项目[2016A010101002]
关键词
工业物联网
云环境
并行密钥隔离
无证书签名
随机预言模型
industrial Interact of things
cloud environment
parallel key-insulated
certificateless signature
random oracle model
