【 摘 要 】

An aggregate signature scheme is a digital signature scheme that allows aggregation of n distinct signatures by n distinct users on n distinct messages. In this paper, we present an aggregate signcryption scheme (ASC) that is useful for reducing the size of certification chains (by aggregating all signatures in the chain) and for reducing message size in secure routing protocols. The new ASC scheme combines identity-based encryption and the aggregation of signatures in a practical way that can simultaneously satisfy the security requirements for confidentiality and authentication. We formally prove the security of the new scheme in a random oracle model with respect to security properties IND-CCA2, AUTH-CMA2, and EUF-CMA.

【 授权许可】

   

【 预 览 】

附件列表

Files	Size	Format	View
20150520125118104.pdf	360KB	PDF	download

【 参考文献 】

• [1]D. Boneh et al., “Aggregate and Verifiably Encrypted Signatures from Bilinear Maps,” EUROCRYPT, LNCS, vol. 2656, 2003, pp. 416-432.
• [2]Y.L. Zheng, “Digital Signcryption or How to Achieve Cost (Signature&Encryption)<
• [3]A. Shamir, “Identity-Based Cryptosystem and Signature Schemes,” Proc. CRYPTO’84 Adv. Cryptology, LNCS, vol. 196, 1985, pp. 47-53.
• [4]J. Malone-Lee, “Identity-Based Signcryption,” Cryptology ePrint Archive, Report 2002/098. http://eprint.iacr.org/2002/098
• [5]S.S.D. Selvi et al., “Provably Secure ID-Based Broadcast Signcryption (IBBSC) Scheme,” Cryptology ePrint Archive, Report 2008/225. http://eprint.iacr.org/2008/225
• [6]M.G. Muniz and P. Laud, “Strong Forward Security in Identity-Based Signcryption,” Cryptology ePrint Archive, Report 2011/156. http://eprint.iacr.org/2011/156
• [7]C. Gentry and Z. Ramzan, “Identity-Based Aggregate Signatures,” Public Key Cryptography, LNCS, vol. 3958, 2006, pp. 257-273.
• [8]S.S.D. Selvi et al., “Security Analysis of Aggregate Signature and Batch Verification Signature Schemes,” Cryptology ePrint Archive, Report 2009/290. http://eprint.iacr.org/2009/290
• [9]S.S.D. Selvi et al., “Efficient and Provably Secure Identity Based Aggregate Signature Schemes with Partial and Full Aggregation,” Cryptology ePrint Archive, Report 2010/461. http://eprint.iacr.org/2010/461
• [10]S.-H. Seo et al., “Identity-Based Universal Designated Multi-Verifiers Signature Schemes,” Comput. Stand. Interfaces, vol. 30, no. 5, 2008, pp. 288-295.
• [11]Z. Wang et al., “Practical Identity-Based Aggregate Signature from Bilinear Maps,” J. Sci. Shanghai Jiao Tong University, vol. 13, no. 6, 2008, pp. 684-687.
• [12]Y. Wen and J. Ma, “An Aggregate Signature Scheme with Constant Pairing Operations,” CSSE, vol. 3, 2008, pp 830-833.
• [13]S.S.D. Selvi et al., “Identity Based Aggregate Signcryption Schemes,” INDOCRYPT, LNCS, vol. 5922, 2009, pp. 378-397.
• [14]Zheng-hua Qi et al., “An ID-Based Ring Signcryption Scheme for Wireless Sensor Networks,” IET Int. Conf. Wireless Sensor Netw., Beijing, China, Nov. 2010, pp. 368-373.
• [15]D. Boneh and M. Franklin, “Identity-Based Encryption from the Weil Pairing,” SIAM J. Comput., vol. 32, no. 3, 2003, pp. 586-615.
• [16]B. Lynn, “On the Implementation of Pairing-Based Cryptosystems,” PhD thesis, Stanford, 2008.