摘要:
当前的移动互联网得到了快速的发展和应用,但是在这之上的信息易遭受窃听、篡改、伪造等威胁,这是当前信息安全研究的重要问题.在移动终端电子投票、移动合同签署、移动联合购物等应用场合中,门限群签名技术的应用能有效保证系统的安全.但是,现有基于可信中心的ECC门限群签名方案,缺乏成员对可信中心的反向认证机制,因此可信中心容易成为整个签名系统的安全隐患.针对这个问题,该文提出了一种新的适用于移动互联网的ECC门限群签名方案,并对方案中涉及到的签名初始化、成员注册、份额签名生成、签名合成、签名验证、签名打开以及签名成员撤销等步骤进行详细设计.提出了新门限群签名方案基于成员和可信中心共同生成成员密钥的思想,并且完成了成员和可信中心身份双向认证、密钥共同生成以及成员身份的两次盲化.经安全性证明,该文所提的方案具有正确性和安全性,能抵抗联合攻击和陷害攻击等.性能分析比较的结果也表明,在相同安全水平下,该文所提的方案签名长度更短,签名生成和签名验证的计算量更低.而适用性分析结果也表明,该文所提的方案实现了成员对可信中心的认证和二次盲化处理,降低了移动终端的通信及计算开销,能更好地适用于移动互联网环境中.最后,该文还基于随机预言机(ROM)模型完成了对所提出的门限群签名方案的形式化安全证明.%Nowadays,mobile Internet has gained fast development and application.However, the information in mobile Internet application is vulnerable in hacking,tampering,forgery and other threats.How to solve these security problems is one of key topics in information security research field.Currently,electronic voting in mobile devices,mobile contract signed in mobile terminals and mobile joint applications such as shopping have been implemented,the use of the threshold group signature technology can effectively ensure the security of these systems.There are two types of threshold group signature:one is without a trusted center;while the other one is with a trusted center.In those existing elliptic curve cryptography (ECC)threshold group signature schemes with a trusted center,the authentication of trusted center from group member is always lacked.Thus,the trusted center may become a security bottleneck of the whole signature system.If there is a fake trusted center which wants to cheat the group members,it will threat the security of the group member.Especially,for the mobile Internet application,the use of mobile or wireless communication channels will give more convenience for the attacker.In order to solve this problem,a threshold group signature scheme based on ECC and suitable for mobile Internet is proposed.The steps of the proposed scheme are presented.In the Setup step,the parameters for signature are prepared.Member will do registration in the Registering step. The signature of different member is created in the Sign step.Then the threshold group signature is constructed based on the signatures of the group member in Combine step.The Signature is verified in the Verify step.If the administrator wants to find out who sign this signature,the Open step will do this job.By the way,if one member leaves the group,a new threshold group signature would be created by the Revoke processing.In this paper,the proposed scheme puts forward an idea that the group members and trusted center generate the members'secret keys together.Moreover,the group members and trusted center implement mutual identity authenti-cation,while the key generation and twice blind processing of members'identities are used in the proposed scheme.Based on secure proof,the proposed scheme is proved to be correct and secure. It can resist the joint attack and trap attack,etc.According to the results of performance comparison, it is shown that the proposed scheme has short signature length and low computation for sign and verification at the same security level.The application analysis shows that the proposed scheme implements the authentication of trusted center and twice blind processing of members'identities, the overhead of communication and computation is reduced,it is suitable for mobile Internet application.Finally,based on random Oracle module,the security of the proposed threshold group signature scheme suitable for mobile Internet is semantically proved.Based on the proposed threshold group signature scheme,the security of the mobile Internet application is guaranteed. It is very important for the widely use of mobile terminals and mobile Internet applications.