To address the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based cryptography, as well as the unfairness of online transactions, a new Certificate-Based Verifiably Encrypted Signature (CBVES) scheme was proposed by combining Certificate-Based Signature (CBS) with Verifiably Encrypted Signature (VES). Firstly, the security model of the certificate-based verifiably encrypted signature scheme was defined; secondly, a new CBVES scheme was constructed based on the hardness of the k-CAA (Collusion Attack Algorithm with k traitors) problem and the Squ-CDH (Square Computational Diffie-Hellman) problem, and its security was proved in the random oracle model. Compared with previous CBVES schemes, the proposed scheme is efficient, requires little computation, and has the advantage that an ordinary signature can be extracted from the VES only when the adjudicator and the designated verifier cooperate.