无证书的聚合签名的提出是为了解决密钥托管问题以及复杂的证书管理问题。然而在无证书的聚合签名中,一旦某一签名者的密钥发生泄漏,所有由此签名者参与生成的聚合签名都将不再安全。为了减小无证书的聚合签名中密钥泄漏带来的危害,本文首次将密钥隔离安全机制嵌入到无证书的聚合签名中,提出了密钥隔离的无证书聚合签名的概念和安全模型,并给出了一个实用的方案,通过与协助器的交互,实现了对签名者密钥的定时更新。同时证明了方案在随机预言机模型下是安全的,即,满足密钥隔离安全、强密钥隔离安全和安全密钥更新的性质。%Certificateless aggregate signature is proposed to solve the key escrow problem and the complex certificate management problem.If the private key of any signer is exposed,the certificateless aggregate signature generated by the us-ers including this signer will no longer be secure.To mitigate the damages of key-exposure in certificateless aggregate signa-ture,we firstly integrate the key isolation mechanism into certificateless aggregate signature,and proposed the definition of key-insulated certificateless aggregate signature and its security model.We give a practical scheme,which achieves the peri-odical update of the signer′s secret key by the interaction with the helper.We prove the proposed scheme is secure in the ran-dom oracle model,i.e.,the scheme has key insulated security,strong key insulated security and secure key updates.
展开▼
