Abstract
To address network security problems such as information disclosure and tampering during data exchange in railway bridge monitoring systems in an open Internet environment, a data transmission protocol based on a short signature scheme is proposed for railway bridge monitoring. First, an identity-based short signature scheme is constructed on the basis of Boneh's short signature. Then, the scheme is proved secure in the random oracle model under the Inverse Computational Diffie-Hellman Problem (Inv-CDHP) assumption, and it is further applied to the data transmission protocol for railway bridge monitoring. Finally, the key code of the scheme's implementation is given, and the scheme is compared experimentally with several other schemes. The experimental results and analysis show that the average time consumption of the proposed scheme is close to that of the classical Boneh scheme, and is 6% and 22% lower than that of Fangguo Zhang's scheme and Leyou Zhang's scheme, respectively. The proposed scheme therefore has advantages in signature length and efficiency, and can effectively solve the lack of integrity protection and reliable identity authentication for monitoring data.