信息网络安全 ›› 2018, Vol. 18 ›› Issue (10): 1-9.doi: 10.3969/j.issn.1671-1122.2018.10.001

• 等级保护 •    下一篇

适用于工业物联网的无证书并行密钥隔离签名

陈亚楠1,2, 梅倩3(), 熊虎3, 徐维祥1   

  1. 1. 北京交通大学交通运输学院,北京 100044
    2. 江西理工大学基础课教学部,江西南昌 330013
    3. 电子科技大学信息与软件工程学院,四川成都 610054
  • 收稿日期:2018-07-26 出版日期:2018-10-10 发布日期:2020-05-11
  • 作者简介:

    作者简介:陈亚楠(1983—),男,四川,博士研究生,主要研究方向为信息安全、云计算;梅倩(1995—),女,江西,硕士研究生,主要研究方向为网络安全、密码学;熊虎(1982—),男,贵州,副教授,博士,主要研究方向为网络安全、密码学;徐维祥(1956—),男,辽宁,教授,博士,主要研究方向为云计算、数据挖掘。

  • 基金资助:
    国家自然科学基金[61672002,61370026,61672135];“十三五”国家密码发展基金密码理论研究课题[MMJJ20170204];中央高校基本科研业务费专项资金[ZYGX2016J091];四川省科技计划项目[2016JZ0020];广东省科技项目[2016A010101002]

Certificateless Parallel Key-insulated Signature for Industrial Internet of Things

Yanan CHEN1,2, Qian MEI3(), Hu XIONG3, Weixiang XU1   

  1. 1. School of Traffic and Transportation, Beijing Jiaotong University, Beijing 100044, China
    2. Teaching Department of Basic Course, Jiangxi University of Science and Technology, Nanchang Jiangxi 330013, China
    3. School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu Sichuan 610054, China
  • Received:2018-07-26 Online:2018-10-10 Published:2020-05-11

摘要:

随着工业物联网的快速发展,如何保障签名过程中用户私钥在不安全的云环境中不被泄露已成为亟待解决的问题。为了降低密钥泄露带来的危害,密钥隔离机制成为解决该问题的核心技术之一。无证书签名方案的提出是为了解决复杂的证书管理过程及密钥托管问题,文章将密钥隔离与无证书签名相结合,提出了无证书并行密钥隔离签名概念和安全模型,并给出了具体构造方案,引入两个协助器交替更新签名临时私钥,增强系统抵御密钥泄露能力。文章还在随机预言机模型下证明了该方案的安全性,满足密钥隔离安全的所有性质。

关键词: 工业物联网, 云环境, 并行密钥隔离, 无证书签名, 随机预言模型

Abstract:

With the rapid development of the industrial Internet of things, an urgent problem is to keep the user’s private key during the signing process from being leaked in an insecure cloud environment. To reduce the danger of the private key leakage, the key-insulated mechanism has been introduced. In addition, certificateless signature scheme is proposed to solve the complex certificate management process and key escrow problem. This paper incorporates the key-insulated mechanism and certificateless signature to obtain a certificateless parallel key-insulated signature, which we give the definition and security model of the new system. Two introduced helpers in our scheme can alternately help user update the temporary private keys, which can enhance the security of the system. Besides, the security of the scheme is proved in the random oracle model, which satisfies all the properties of the key-insulated security.

Key words: industrial Internet of things, cloud environment, parallel key-insulated, certificateless signature, random oracle model

中图分类号: