作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2023, Vol. 49 ›› Issue (12): 146-151, 160. doi: 10.19678/j.issn.1000-3428.0066990

• 网络空间安全 • 上一篇    下一篇

一种适用于电力终端设备的无证书在线/离线签密方案

李斌1, 吴坡1, 王丹1, 安浩杨2,*, 何德彪2   

  1. 1. 国网河南省电力公司, 郑州 450000
    2. 武汉大学 国家网络安全学院, 武汉 430072
  • 收稿日期:2023-02-21 出版日期:2023-12-15 发布日期:2023-12-14
  • 通讯作者: 安浩杨
  • 作者简介:

    李斌(1986-), 男, 高级工程师、博士, 主研方向为调度自动化、网络安全

    吴坡, 高级工程师、博士

    王丹, 高级工程师

    何德彪, 教授、博士

  • 基金资助:
    国网河南省电力公司科技项目(52170220009J)

A Certificateless Online/Offline Signcryption Scheme for Power Terminal Equipment

Bin LI1, Po WU1, Dan WANG1, Haoyang AN2,*, Debiao HE2   

  1. 1. State Grid Henan Electric Power Company, Zhengzhou 450000, China
    2. School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
  • Received:2023-02-21 Online:2023-12-15 Published:2023-12-14
  • Contact: Haoyang AN

摘要:

随着电力能源互联网的不断发展,电力监控系统成为关键的基础设施之一,负责监测和控制电力系统的运行。然而,由于电力终端设备需要长时间运行,经常分布式地安装在恶劣的环境中,因此需要设备具备低功耗的特性。同时,为保证数据传输的安全性,需要对数据进行加密和数字签名,签密算法可以在单个步骤中实现加密和签名,比传统方法更高效。提出一种适用于电力终端设备的无证书在线/离线签密方案,该方案基于椭圆曲线密码算法,避免了代价高昂的双线性对运算和哈希到点运算。将签密过程分为在线阶段和离线阶段,将代价高昂的计算放在离线阶段处理,在线阶段快速生成最终签密密文,使得方案更加适用于低功耗电力终端设备。实验结果表明,该方案的签密算法计算开销为基于双线性对的签密方案的7.85%,密文通信开销为对比方案的10%。所提方案为电力监控系统提供了一种高效的通信方式,有利于延长电力终端设备的寿命,提高电力系统的鲁棒性。

关键词: 无证书签密, 在线/离线签密, 无双线性对, 低功耗电力终端设备, 电力监控系统

Abstract:

With the continuous development of power energy Internet, the power monitoring system has become a key infrastructure responsible for monitoring and controlling the operations of a power system. However, because power terminal equipment operate for a long time and are often distributed and installed in harsh environments, the equipment must have low power consumption characteristics. Moreover, encryption and digital signature of data is needed to ensure the security of data transmission. The signcryption algorithm can realize the encryption and signature properties in a single step, which is more efficient than conventional methods. This research proposes a certificateless online/offline signcryption scheme suitable for power terminal equipment. The elliptic curve cryptography avoids expensive bilinear pairing and hash-to-point operations, divides the signcryption process into online and offline stages, does expensive calculations in the offline stage, and quickly generates the final signcryption in the online stage ciphertext. This is more suitable for low-power terminal equipment. Experimental analysis shows that, compared with the signcryption scheme based on bilinear pairs, the calculation overhead of the signcryption algorithm of this scheme is 7.85% of that of the comparison scheme, and the ciphertext communication overhead is 10% of that of the comparison scheme. The proposed scheme provides an efficient communication solution for power monitoring systems, which is beneficial for extending the lifespan of power terminal equipment and improving the robustness of the power system.

Key words: certificateless signcryption, online/offline signcryption, without pairing, low power terminal equipment, power monitoring system