在跨域和跨组织的电子商务应用中,基于公钥基础设施的密码技术存在沉重的公钥证书管理负担,而基于身份的密码技术存在密钥托管问题,这些都制约了电子现金方案的进一步发展.而基于无证书的密码技术可以避免这些问题.提出了一种基于无证书的签名和认证密钥交换机制,分析了该机制的安全性.基于新的无证书签名和认证密钥交换机制,提出了一种新的电子现金方案.该方案满足电子现金的不可伪造性和不可重用性、用户匿名性以及电子商务交易的公平性.%In the E-commerce application of cross-domain and cross-organization scenarios,there are heavy certificate management burden in PKI-based cryptography and so-called key escrow problem in ID-based cryptography, which limits the development of E-cash.Recently,certificateless cryptography has been adopted to deal with those problems.In this paper, a certifi-cateless signature and authenticated key exchange scheme is proposed, and its security is analyzed.An E-cash scheme based on the new certificateless signature and authenticated key exchange is then proposed, which achieves unforgeability and unre-usability of e-cash, customer anonymity, and fair exchange on e-commerce transactions.
展开▼