Research On Data Flow Authentication Scheme Based On Aggregate Signatur

Data transfer is an important means to connect the islands of data.However,it faces the subsequent problem that multi-user identities is difficult to authenticate.Due to the characteristics of signatures compression and batch verification,aggregate signature has high practical value in multi-participant-oriented authentication scenarios.However,most of the existing aggregate signature schemes have shortcomings.On the one hand,some schemes are based on bilinear pairings with high computational cost,and cannot effectively deal with the risk of key leakage,which make these scheme are not practical.On the other hand,for data from different sources,data owners usually generate signatures and then aggregate all signatures directly,Sequential aggregation operations is rarely used,resulting in schemes are not adaptable to data circulation scenarios.In response to the above problems,this thesis focuses on the file transfer scenario in the field of data transfer.Based on the theoretical knowledge of aggregate signature,key-isolated signature and smart contract,it will do research from the aggregate signature authentication scheme suitable for the file transfer scenario.The main work of this thesis as follows:(1)A certificateless aggregate signature scheme supporting parallel key-isolated is proposed.In view of the fact that most of the current certificateless aggregate signature schemes cannot deal with the problem of key leakage.First,the parallel key-isolated mechanism is used to update the key in time segments,These keys of signers are updated regularly,and the frequent key update operations are supported on the premise of ensuring the forward and backward security of the key;Secondly,a formalized security model of the scheme is given based on the random oracle model,which proves that it can achieve the security goal of againsting adaptive chosen message existence forgery attacks.Finally,experimental analysis shows that since the scheme is constructed based on certificateless elliptic curve cryptography,its signature generation efficiency is improved by about 20%,and the length of the aggregated signature remains constant.(2)A certificateless sequential aggregate signature scheme based on blockchain is proposed.First,referring to the idea of the existing certificateless sequential multi-signature scheme,the above proposed scheme is improved to support incremental sequential aggregate,the above proposed scheme is improved to support incremental sequential aggregation;Then,since there may be dishonest users in the sequential aggregation process,the signature verification process is transferred to the smart contract with the signature verification algorithm written in it,and the automatic signature verification is realized based on the enforced feature of the smart contract,which overcomes the defects of maliciously tampering the signature sequence or delaying the signature verification.Finally,based on the elliptic curve discrete logarithm difficult problem assumption,which proves the unforgeability resistance of this scheme to adaptive chosen message attack.Experimental analysis shows that when the aggregate signature length is 60 bytes,the signature generation overhead is reduced by more than 27%,and the signature verification efficiency is improved by more than 35%.(3)A document transfer authentication scheme based on aggregate signature is proposed.Considering the security requirements of file transfer and the problem of multi-user identity authentication in the process of file transfer.First,combined with the certificateless sequential aggregate signature scheme,the user generates the circulation information,and then generates the signature to ensure the non-repudiation of the circulation information and authenticate the identity of the user.Then,the circulation smart contract is designed and deployed,and the transfer information is used as a transaction.After the transaction on-chain and takes effect,the contract is triggered,and automatically send the file to the next user according to the rules,which ensures that the file transfer is clear,reliable and traceable.The experimental simulation results show that this scheme realizes the trusted authentication of multiple users in the process of file transfer,forms non-repudiation and tamper-proof transfer information on the blockchain,and the time overhead of executing a file transfer is also acceptable range.