Abstract: The certificate-based encryption is a new public key encryption paradigm which combines public key encryption and identity-based encryption while it preserves their features. This paper proposes an efficient construction of certificate-based signature scheme using bilinear maps, with rigorous security proofs under the random oracle model. The security of the scheme is based on the infeasibility of the q-strong Diffie-Hellman problem and the expand inversed computational Diffie-Hellman problem. The analysis shows that this new scheme satisfies the security requirements such as correctness and unforgeability, and has high security. It not only simplifies the certificate management process, but also overcomes the private key escrow problem. Furthermore, its overall performance is relatively high.

Key words: digital signature, certificate-based, random oracle model, provably secure, bilinear pairings

摘要： 基于证书公钥密码系统是近年来提出的一种新型公钥密码体制，它结合了传统公钥密码体制和基于身份密码体制的优点，克服了其存在的问题。利用双线性映射，提出了一个基于证书的数字签名方案，在随机预言机模型下给出了严格的安全证明。方案的安全性基于q强Diffie-Hellman问题和扩展的逆计算Diffie-Hellman问题的困难性。分析表明，所构造的新方案满足正确性和存在不可伪造性，具有较高的安全性，不仅简化了证书管理过程，克服了密钥托管问题，而且方案的整体性能比较高。

关键词: 数字签名, 基于证书, 随机预言模型, 可证明安全, 双线性对