Security Analysis and Improvement of an Intelligent Transportation System Based on Certificateless Aggregate Signature
Journal of Electronic and Cyber Defence
Article 3, Volume 8, Issue 1 (Serial No. 29), Khordad 1399 (May/June 2020), pages 25-33. Full text (954.81 K)
Article type: Research article
Authors
Nasrollah Pakniat 1; Ziba Eslami* 2
1 Assistant Professor, Iranian Research Institute for Information Science and Technology (IranDoc), Tehran, Iran
2 Department of Computer Science, Faculty of Mathematical Sciences, Shahid Beheshti University, Tehran, Iran
Received: 26 Esfand 1397 (17 March 2019); Revised: 29 Tir 1398 (20 July 2019); Accepted: 28 Khordad 1398 (18 June 2019)
Abstract
Vehicular ad hoc networks (VANETs) are the foundation of intelligent transportation systems. Their key requirements are guaranteeing the integrity and authenticity of the messages generated by vehicles, preserving conditional privacy, and efficiency. Recently, Zhong et al. proposed an intelligent transportation system built on a certificateless aggregate signature scheme. In this system, message authenticity is provided by digital signatures, conditional privacy by pseudonyms, and efficiency by certificateless aggregate signatures. The certificateless aggregate signature scheme of Zhong et al. is highly efficient: both the length of the aggregate signature and the number of bilinear pairing operations needed to verify it are constant and independent of the number of aggregated signatures. Zhong et al. claimed that, under the computational Diffie-Hellman (CDH) assumption, their scheme is unforgeable against adaptive chosen-message and chosen-identity attacks. In this paper, we first prove that this claim is false: in their scheme, any adversary who observes just one (message, signature) pair produced by a vehicle can easily forge that vehicle's signature on any other message. We then modify the scheme of Zhong et al. to obtain an improved aggregate signature scheme that is secure against the presented forgery attack.
Keywords
VANET; privacy preservation; aggregate signature; certificateless cryptography; forgeability; computational Diffie-Hellman
Title [English]
Security Analysis and Improvement of an Intelligent Transportation System based on Certificateless Aggregate Signature
Authors [English]
N. Pakniat 1; Z. Eslami 2
1 Assistant Professor, Iranian Research Institute for Information Science and Technology (IranDoc), Tehran, Iran
2 Department of Computer Science, Faculty of Mathematical Sciences, Shahid Beheshti University, Tehran, Iran
Abstract [English]
A key component of intelligent transportation systems is the so-called Vehicular Ad-hoc Network (VANET). A VANET consists of smart vehicles that provide communication services on the road using wireless technologies. In addition to enhancing road safety, VANETs can contribute to the security of vehicles and drivers. Research in this area is therefore heavily centered on security and privacy issues, in particular authenticating the exchanged messages while reducing communication overhead. To address this problem, Zhong et al. recently proposed an efficient privacy-preserving authentication scheme for VANETs based on certificateless aggregate signatures. In their scheme, the length of the aggregated signature is fixed and does not depend on the number of input signatures. The goal of our paper is to show that the scheme of Zhong et al. fails to provide the authentication required in VANETs. We prove that it is easy to forge the signature of a vehicle on an arbitrary message after observing only one (message, signature) pair signed by the target vehicle. We further propose an improvement of Zhong et al.'s scheme that overcomes this drawback and therefore provides the required authenticity in VANETs.
Keywords [English]
VANET, Privacy-preserving, Aggregate signature, Certificateless Cryptography, Forgeability
References
[1] H. Zhong, S. Han, J. Cui, J. Zhang, and Y. Xu, "Privacy-preserving authentication scheme with full aggregation in VANET," Information Sciences, vol. 476, pp. 211-221, 2019.
[2] S. M. Pournaghi, M. Barmshoori, and M. Gardeshi, "An Improved Authentication Scheme with Conditional Privacy Preserving in VANETs," Journal of Electronic & Cyber Defence, vol. 3, pp. 1-12, 2015. (In Persian)
[3] M. Raya and J.-P. Hubaux, "Securing vehicular ad hoc networks," Journal of Computer Security, vol. 15, pp. 39-68, 2007.
[4] R. Lu, X. Lin, H. Zhu, P.-H. Ho, and X. Shen, "ECPP: Efficient conditional privacy preservation protocol for secure vehicular communications," IEEE INFOCOM 2008 - The 27th Conference on Computer Communications, USA, pp. 1229-1237, 2008.
[5] A. Shamir, "Identity-based cryptosystems and signature schemes," Advances in Cryptology, CRYPTO 84, Santa Barbara, USA, pp. 47-53, 1984.
[6] C. Zhang, R. Lu, X. Lin, P.-H. Ho, and X. Shen, "An efficient identity-based batch verification scheme for vehicular sensor networks," IEEE INFOCOM 2008 - The 27th Conference on Computer Communications, USA, pp. 246-250, 2008.
[7] S. S. Al-Riyami and K. G. Paterson, "Certificateless public key cryptography," International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT), Taipei, Taiwan, pp. 452-473, 2003.
[8] D. Boneh, C. Gentry, B. Lynn, and H. Shacham, "Aggregate and verifiably encrypted signatures from bilinear maps," International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), Warsaw, Poland, pp. 416-432, 2003.
[9] X. Cheng, J. Liu, and X. Wang, "Identity-based aggregate and verifiably encrypted signatures from bilinear pairing," International Conference on Computational Science and Its Applications, Singapore, pp. 1046-1054, 2005.
[10] C. Gentry and Z. Ramzan, "Identity-based aggregate signatures," International Workshop on Public Key Cryptography, New York, USA, pp. 257-273, 2006.
[11] S. Lu, R. Ostrovsky, A. Sahai, H. Shacham, and B. Waters, "Sequential aggregate signatures and multisignatures without random oracles," Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), St. Petersburg, Russia, pp. 465-485, 2006.
[12] M. Rückert and D. Schröder, "Aggregate and verifiably encrypted signatures from multilinear maps without random oracles," International Conference on Information Security and Assurance, Seoul, Korea (Republic of), pp. 750-759, 2009.
[13] Z. Shao, "Enhanced aggregate signatures from pairings," International Conference on Information Security and Cryptology, Seoul, Korea (Republic of), pp. 140-149, 2005.
[14] K. Shim, "An ID-based aggregate signature scheme with constant pairing computations," Journal of Systems and Software, vol. 83, pp. 1873-1880, 2010.
[15] B. Y. Kang, "ID-based aggregate signature scheme with constant pairing computations: attack and new construction," Journal of Computer Information System, vol. 16, pp. 6611-6618, 2012.
[16] Z. Gong, Y. Long, and X. Hong, "Two certificateless aggregate signatures from bilinear maps," Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Qingdao, China, pp. 188-193, 2007.
[17] N. Yanai, R. Tso, and M. Mambo, "Certificateless ordered sequential aggregate signature scheme," Third International Conference on Intelligent Networking and Collaborative Systems, Fukuoka, Japan, pp. 662-667, 2011.
[18] L. Zhang and F. Zhang, "A new certificateless aggregate signature scheme," Computer Communications, vol. 32, pp. 1079-1085, 2009.
[19] L. Cheng, Q. Wen, and Z. Jin, "Cryptanalysis and improvement of a certificateless aggregate signature scheme," Information Sciences, vol. 295, pp. 337-346, 2015.
[20] S. Horng, S. Tzeng, and P. Huang, "An efficient certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks," Information Sciences, vol. 317, pp. 48-66, 2015.
[21] H. Du, M. Huang, and Q. Wen, "Efficient and provably-secure certificateless aggregate signature scheme," Acta Electronica Sinica, vol. 41, pp. 72-76, 2013.
[22] H. Chen, S. Wei, and C. Zhu, "Secure certificateless aggregate signature scheme," Journal of Software, vol. 26, pp. 1173-1180, 2015.
[23] H. Xiong, Z. Guan, Z. Chen, and F. Li, "An efficient certificateless aggregate signature with constant pairing computations," Information Sciences, vol. 219, pp. 225-235, 2013.
[24] D. He, M. Tian, and J. Chen, "Insecurity of an efficient certificateless aggregate signature with constant pairing computations," Information Sciences, vol. 268, pp. 458-462, 2014.
[25] H. Nie, Y. Li, W. Chen, and Y. Ding, "NCLAS: a novel and efficient certificateless aggregate signature scheme," Security and Communication Networks, vol. 9, pp. 3141-3151, 2016.
[26] N. Pakniat and M. Noroozi, "Cryptanalysis of a certificateless aggregate signature scheme," 9th Conference of Command, Control, Communications and Computer Intelligence, Tehran, Iran, pp. 1-5, 2016.
[27] Y. C. Chen, R. Tso, W. Susilo, X. Huang, and G. Horng, "Certificateless Signatures: Structural Extensions of Security Models and New Provably Secure Schemes," IACR Cryptology ePrint Archive, Report 2013/193, 2013.
[28] K. Hashimoto and W. Ogata, "Unrestricted and Compact Certificateless Aggregate Signature Scheme," Information Sciences, vol. 487, pp. 97-114, 2019.