Design And Implementation Of Hierarchical Identity-based Signature Algorithm Based On Universal Hashing

Nowadays,with the rapid development of the network,the importance of network security has become increasingly prominent,and the authenticity of the data in the network can be guaranteed by the signature algorithm.The proposal of the identity-based signature algorithm makes the traditional signature algorithm no longer need to carry a certificate.In order to solve the scalability problem of the single-layer identity-based cryptographic algorithm,a hierarchical identity-based cryptographic algorithm has emerged.But the existing hierarchical identity-based signature algorithms has the linear growth of signature length and poor system robustness.It also does not support forward security and anomaly detection.This paper firstly constructs a forward-secure hierarchical identity-based signature algorithm,which solves the problem that forward security and anomaly detection are not supported in the existing hierarchical identity-based signature,and realizes the dynamic joining and revocation of nodes.At the same time,this paper proposes a combined hier-archical identity-based signature algorithm,which fixes the length of the signature,im-proves the robustness of the algorithm,and supports offline signature verification.The main research results of this paper are as follows:(1)A forward security hierarchical identity-based signature algorithm(FS-HIBS)is proposed.This paper constructs a forward-secure hierarchical identity-based signature algorithm.Through the matrix operation,the self-update of the node signature key is reg-ularly performed,and the key update verification is performed at the same time as the self-update.Even if the current key is completely leaked,the reliability of the signature in the previous period can also be guaranteed due to the existence of node self-update.In addition,we introduce the concept of anomaly detection,which supports anomaly de-tection by arranging historical signatures in a secure order.When an anomaly occurs,the node key is self-updated in advance to achieve higher security.Finally,this scheme also supports dynamic joining and withdrawal of nodes.We formally define the FS-HIBS algorithm and its security model,and provide a rigorous security proof for this scheme.The experimental results show that the algorithm runs in milliseconds,which meets the needs of practical applications.(2)This paper further proposes a combined hierarchical identity-based signature al-gorithm(C-HIBS),which adds a key escrow agency with a combined matrix as the core.This scheme not only realizes the generation and verification of the random private key of the key generation agency,but also solves the problem of poor robustness of hierarchical key management.At the same time,a signature fixed-length hierarchical signature al-gorithm is designed to reduce the number of elliptic curve points in the signature content from t+2 in the existing scheme to 2(where t is the level of the node),which ensure fixed length signature.In addition,it supports offline optimization,which makes the number of online bilinear pairing operations in the signature verification algorithm reduce from t + 2 to 2 times.Based on the standard BDH problem assumption,this scheme embeds the difficult problem into the combination matrix and the hierarchical key generation process under the random oracle model.In both cases,which the number of key generation insti-tutions is limited or the random private key is trusted to be protected,we both prove the scheme has EU-CMIA security.Compared with related literatures,this algorithm fixes the signature storage space complexity from O(n)to O(1),and verifies the efficiency and correctness of the algorithm through experiments.