| Graduate student: | 吳杰翰 Wu, Chieh-Han |
|---|---|
| Thesis title: | 物聯網環境下可抵擋惡意中央機構之有效率無憑證簽章機制 Efficient Level-3 secure certificateless signature against malicious KGC attacks for IoT |
| Advisor: | 曾一凡 Yi-Fan Tseng |
| Oral defense committee: | 王紹睿, 紀博文, 黃政嘉 |
| Degree: | Master |
| Department: | College of Informatics - Department of Computer Science |
| Year of publication: | 2023 |
| Academic year of graduation: | 112 |
| Language: | Chinese |
| Number of pages: | 32 |
| Keywords (Chinese, translated): | Level-3 security, certificateless signature, trusted third party attack, not based on bilinear pairing |
| Keywords (English): | Certificateless cryptography, Level-3 security, Malicious KGC attack, Pairing free |
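The certificateless signature proposed by Al-Riyami and Paterson in 2003 is an important and groundbreaking approach to solving the key escrow problem in public-key cryptosystems. This mechanism adds a trusted third party called the KGC, whose purpose is to interact with the user to generate secure keys. Recently, many studies have proposed certificateless signature constructions without bilinear pairings, which give their schemes faster computation and smaller storage requirements, making them easier to implement and apply in rapidly developing IoT environments and cloud services. However, under Level-2 security, we choose to trust the KGC unconditionally, assuming it will do nothing harmful to users. In a real-world setting this assumption is extremely unsafe, and the scheme may even be exposed to malicious-but-passive KGC attacks, so upgrading to Level-3 security is necessary. To address these security weaknesses and achieve Level-3 security, this thesis proposes a certificateless signature scheme that does not use bilinear pairings. Compared with other certificateless signature schemes, this thesis proves and explains that the proposed construction offers higher security while also computing faster and requiring less storage. Finally, we use the elliptic-curve discrete logarithm technique to build a provably secure construction, showing that the proposed cryptographic scheme can operate securely in certificateless signature scenarios without being broken.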
Certificateless signature (CLS), introduced by Al-Riyami and Paterson at ASIACRYPT 2003, is a breakthrough approach to the key escrow problem of ID-PKC. Recently, many pairing-free certificateless signature (PFCLS) schemes have been proposed for the now-prevalent IoT environment; they reduce computation and communication cost and so increase processing speed. Unfortunately, a semi-trusted KGC still appears unsafe in a real-world environment, and it is also vulnerable to malicious-but-passive KGC attacks. For Level-2 security, we choose to trust the KGC unconditionally and believe that it will not do anything malicious. However, in a real-world environment this cannot be guaranteed, so we must achieve Level-3 security. In this work, we introduce a certificateless signature scheme that achieves Level-3 security to solve the above problem. Compared with other CLS schemes, the proposed primitive is faster and more secure. We formally define the system model of PFCLS under Level-3 security and malicious-but-passive KGC attacks, and design the desired security requirements to withstand these attacks. Therefore, the proposed scheme can work securely in scenarios that require fast computational speed and small capacity. To the best of the authors’ knowledge, no CLS variant scheme has discussed this property.
Introduction
Preliminaries
Pairing Free Certificateless Signature Scheme
Security Proof
Comparison
Experimental Result
Conclusion
Bibliography
[CH11] Y.-C. Chen and G. Horng, On the security models for certificateless signature schemes achieving level 3 security, Cryptology ePrint Archive, Paper 2011/554, https://eprint.iacr.org/2011/554, 2011 (cit. p. 7).
[Gir91] M. Girault, “Self-certified public keys,” in Advances in Cryptology — EUROCRYPT ’91, D. W. Davies, Ed., Berlin, Heidelberg: Springer Berlin Heidelberg, 1991, pp. 490–497 (cit. pp. 2, 5).
[GKM+19] R. Goyal, S. Kim, N. Manohar, B. Waters, and D. J. Wu, “Watermarking Public-Key Cryptographic Primitives,” in Advances in Cryptology – CRYPTO 2019, A. Boldyreva and D. Micciancio, Eds., Cham: Springer International Publishing, 2019, pp. 367–398 (cit. p. 1).
[Hay08] B. Hayes, “Cloud computing,” Commun. ACM, vol. 51, no. 7, pp. 9–11, 2008 (cit. p. 1).
[HZW+17] D. He, S. Zeadally, L. Wu, and H. Wang, “Analysis of handover authentication protocols for mobile wireless networks using identity-based public key cryptography,” Computer Networks, vol. 128, pp. 154–163, 2017, Survivability Strategies for Emerging Wireless Networks (cit. p. 1).
[HWZ+07] B. Hu, D. Wong, Z. Zhang, and X. Deng, “Certificateless signature: A new security model and an improved generic construction,” Des. Codes Cryptography, vol. 42, pp. 109–126, Jan. 2007 (cit. p. 7).
[JHL+18] X. Jia, D. He, Q. Liu, and K.-K. R. Choo, “An efficient provably-secure certificateless signature scheme for Internet-of-Things deployment,” Ad Hoc Networks, vol. 71, pp. 78–87, 2018 (cit. pp. 2, 23, 24, 26).
[KHB18] A. Karati, S. Hafizul Islam, and G. Biswas, “A pairing-free and provably secure certificateless signature scheme,” Information Sciences, vol. 450, pp. 378–391, 2018 (cit. pp. 2, 23–26).
[LLS+20] H. T. Lee, S. Ling, J. H. Seo, H. Wang, and T.-Y. Youn, “Public key encryption with equality test in the standard model,” Information Sciences, vol. 516, pp. 89–108, 2020 (cit. p. 1).
[LGX+17] F. Li, W. Gao, D. Xie, and C. Tang, “Certificateless Cryptography with KGC Trust Level 3 Revisited,” in Cloud Computing and Security, X. Sun, H.-C. Chao, X. You, and E. Bertino, Eds., Cham: Springer International Publishing, 2017, pp. 292–304 (cit. pp. 3, 23–26).
[Lie20] D. Liestyowati, “Public Key Cryptography,” Journal of Physics: Conference Series, vol. 1477, no. 5, p. 052 062, Mar. 2020 (cit. p. 1).
[MLB+11] S. Marston, Z. Li, S. Bandyopadhyay, J. Zhang, and A. Ghalsasi, “Cloud computing - The business perspective,” Decis. Support Syst., vol. 51, no. 1, pp. 176–189, 2011 (cit. p. 1).
[RS21] P. Rastegari and W. Susilo, “On Random-Oracle-Free Top-Level Secure Certificateless Signature Schemes,” The Computer Journal, vol. 65, no. 12, pp. 3049–3061, Sep. 2021. eprint: https://academic.oup.com/comjnl/article-pdf/65/12/3049/48480738/bxab125.pdf (cit. pp. 3, 23–26).
[AP03] S. S. Al-Riyami and K. G. Paterson, “Certificateless Public Key Cryptography,” in Advances in Cryptology - ASIACRYPT 2003, C.-S. Laih, Ed., Berlin, Heidelberg: Springer Berlin Heidelberg, 2003, pp. 452–473 (cit. pp. 1, 2).
[Shi19] K.-A. Shim, “A New Certificateless Signature Scheme Provably Secure in the Standard Model,” IEEE Systems Journal, vol. 13, no. 2, pp. 1421–1430, 2019 (cit. p. 3).
[SZS16] Y. Sun, Z. Zhang, and L. Shen, “A Revocable Certificateless Signature Scheme Without Pairing,” in Cloud Computing and Security, X. Sun, A. Liu, H.-C. Chao, and E. Bertino, Eds., Cham: Springer International Publishing, 2016, pp. 355–364 (cit. p. 1).
[TFC19] Y.-F. Tseng, C.-I. Fan, and C.-W. Chen, “Top-Level Secure Certificateless Signature Scheme in the Standard Model,” IEEE Systems Journal, vol. 13, no. 3, pp. 2763–2774, 2019 (cit. pp. 3, 23–26).
[XXY10] Q. Xia, C. X. Xu, and Y. Yu, “Key replacement attack on two certificateless signature schemes without random oracles,” in Advanced Measurement and Test X, ser. Key Engineering Materials, vol. 439, Trans Tech Publications Ltd, Oct. 2010, pp. 1606–1611 (cit. p. 2).
[XLG+22] D. Xiang, X. Li, J. Gao, and X. Zhang, “A secure and efficient certificateless signature scheme for Internet of Things,” Ad Hoc Networks, vol. 124, p. 102 702, 2022 (cit. pp. 2, 23–26).
[XQL08] H. Xiong, Z. Qin, and F. Li, “An Improved Certificateless Signature Scheme Secure in the Standard Model,” Fundamenta Informaticae, vol. 88, pp. 193–206, 2008, 1-2 (cit. p. 3).
[YWW+19] W. Yang, S. Wang, W. Wu, and Y. Mu, “Top-Level Secure Certificateless Signature Against Malicious-But-Passive KGC,” IEEE Access, vol. 7, pp. 112 870–112 878, 2019 (cit. pp. 2, 3, 23–26).
[YMW+12] Y. Yu, Y. Mu, G. Wang, Q. Xia, and B. Yang, “Improved certificateless signature scheme provably secure in the standard model,” Information Security, IET, vol. 6, pp. 102–110, Jun. 2012 (cit. p. 3).
[YW14] Y. Yuan and C. Wang, “Certificateless signature scheme with security enhanced in the Standard model,” Information Processing Letters, vol. 114, no. 9, pp. 492–499, 2014 (cit. pp. 2, 3, 23–26).
[ZDZ+19] Y. Zhang, R. H. Deng, D. Zheng, et al., “Efficient and Robust Certificateless Signature for Data Crowdsensing in Cloud-Assisted Industrial IoT,” IEEE Transactions on Industrial Informatics, vol. 15, no. 9, pp. 5099–5108, 2019 (cit. p. 24).
[ZF06] Z. Zhang and D. Feng, Key replacement attack on a certificateless signature scheme, Cryptology ePrint Archive, Paper 2006/453, https://eprint.iacr.org/2006/453, 2006 (cit. p. 2).