抗合谋攻击的聚合签名方案设计与分析.pdf

ofCLASschemeshouldalso the thatthe aggregationalgorithm provideguarantee of is tothe allthe validity signatureequivalentvaliditiesof single aggregate tothis demonstratethatthe constructiondoesnot reason，we signatures．Due previous the asthe modeldoes the satisfysecurityrequirementsecurity not address fully eitherthat collude redefine adversary’Spower theymight together．Consequently,we the modelofCLASschemes collusionattack．Inthis security considering security isabletoholdallthe andhis model，theadversary keys goal signers’privatesigning isto invalide thatcouldbe intovalid forge singlsignatures aggregated aggregate onthese forwardanovelconstructionof results，we signature．Based finallyput CLASscheme withafonnal thatthisschemeis secureunderthe together proof redefinedmodel．Wethe oftheCLASscheme modify security aggregationalgorithm allextrahashfunction．The hastotakeallthe byusing aggregator singlesignatures andthe theverifierselectedinadvanceas the to of and publickey inputs onlyway valid isfromall signature thevalid signatures． outputaggregate single Inboththe