Journal of Beijing University of Posts and Telecommunications

  • EI core journal

Journal of Beijing University of Posts and Telecommunications ›› 2013, Vol. 36 ›› Issue (6): 98-101. doi: 10.13190/j.jbupt.2013.06.021

• Research Report •

Cryptanalysis and Improvement of Certificate-Based Signature Scheme

ZHOU Cai-xue

  1. School of Information Science and Technology, University of Jiujiang, Jiujiang 332005, Jiangxi, China
  • Received: 2013-02-26 Online: 2013-12-31 Published: 2013-10-08
  • About the author: ZHOU Cai-xue (born 1966), male, associate professor, E-mail: charlesjjjx@126.com.
  • Funding:

    National Natural Science Foundation of China (61073176); Natural Science Foundation of Jiangxi Province (20132BAB211025); Science and Technology Research Project of the Jiangxi Provincial Department of Education (GJJ13716); University-level key project of Jiujiang University (2013ZD02)



Abstract:

Certificate-based cryptosystems combine the merits of public key infrastructure (PKI)-based and identity-based cryptosystems: they simplify public key management and avoid the key escrow problem. A certificate-based signature scheme without pairings is analysed and shown to be forgeable by a Type II adversary; its security proof also contains a flaw. The scheme is improved by binding the random value into the hash function. The improved scheme is proven unforgeable in the strongest security model for certificate-based signatures under the discrete logarithm assumption. Since it needs no time-consuming bilinear pairing operations, it is efficient and suited to power-constrained devices such as wireless sensor networks.

Key words: certificate-based signature, random oracle model, bilinear pairings, discrete logarithm assumption, public key replacement attack
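The binding the abstract describes can be made concrete with a Schnorr-type certificate-based signature in a prime-order subgroup, given below as an added Python example. It is not the scheme the paper analyses (the abstract does not reproduce it) and not the paper's improved scheme; it is the textbook DL-based construction a practitioner would compare against. Assumed for the example: a toy 160-bit safe-prime group generated at import time from a fixed seed, a certificate that is a Schnorr-style signature by the CA whose secret half s_c is added to the user's private key at signing time, and constructed sample data (identity b"node-17", message b"temp=21.5C"); all function names (keygen, issue_cert, sign, verify, verify_unbound, forge_unbound, demo) are the example's own. The challenge h hashes the commitment R together with the signer's public key and the certificate, so a replaced public key or an altered message fails to verify, while the *_unbound pair shows that a challenge which omits R is satisfied by anyone who chooses s first and solves the verification equation for R.

```python
"""Toy certificate-based signature (Schnorr-style, DL assumption, no pairings).
Added illustration only, not the scheme the paper analyses (the abstract does not
reproduce it).  The challenge h commits to the nonce image R, the public key and
the certificate; the *_unbound variants show the textbook forgery when R is omitted.
"""
import hashlib
import random

_rng = random.Random(2013)  # fixed seed for a reproducible toy; use secrets in real code

def _is_probable_prime(n, rounds=20):  # Miller-Rabin, adequate for demo parameters
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_group(bits=160):  # safe prime p = 2q + 1 (toy size); 4 is a square, so it has order q
    while True:
        q = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(q) and _is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4

P, Q, G = _gen_group()

def _h(tag, *parts):  # domain-separated, length-prefixed SHA-256 reduced into Z_q
    data = tag.encode()
    for x in parts:
        b = x if isinstance(x, bytes) else x.to_bytes((x.bit_length() + 7) // 8 or 1, "big")
        data += len(b).to_bytes(4, "big") + b
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen():
    x = _rng.randrange(1, Q)
    return x, pow(G, x, P)

def issue_cert(ca_sk, identity, pk):
    """CA certificate on (identity, pk): R_c is published, s_c is the user's secret half."""
    r = _rng.randrange(1, Q)
    R_c = pow(G, r, P)
    return R_c, (r + _h("cert", identity, pk, R_c) * ca_sk) % Q

def _full_pk(ca_pk, identity, pk, R_c):
    """pk * g^{s_c} from public data only, since g^{s_c} = R_c * Y_ca^{H(identity, pk, R_c)}."""
    return pk * R_c * pow(ca_pk, _h("cert", identity, pk, R_c), P) % P

def sign(sk, s_c, identity, pk, R_c, msg):
    k = _rng.randrange(1, Q)
    R = pow(G, k, P)
    h = _h("sig", identity, pk, R_c, R, msg)  # h binds R, the public key and the certificate
    return R, (k + h * (sk + s_c)) % Q

def verify(ca_pk, identity, pk, R_c, msg, sig):
    R, s = sig
    if not (1 < R < P and pow(R, Q, P) == 1 and 0 < s < Q):
        return False
    h = _h("sig", identity, pk, R_c, R, msg)
    return pow(G, s, P) == R * pow(_full_pk(ca_pk, identity, pk, R_c), h, P) % P

def verify_unbound(ca_pk, identity, pk, R_c, msg, sig):  # weak form: challenge omits R
    R, s = sig
    h = _h("sig-unbound", identity, pk, R_c, msg)
    return (1 < R < P and 0 < s < Q
            and pow(G, s, P) == R * pow(_full_pk(ca_pk, identity, pk, R_c), h, P) % P)

def forge_unbound(ca_pk, identity, pk, R_c, msg):
    """With h independent of R, anyone picks s and solves the equation for R; no secret needed."""
    s = _rng.randrange(1, Q)
    h = _h("sig-unbound", identity, pk, R_c, msg)
    return pow(G, s, P) * pow(_full_pk(ca_pk, identity, pk, R_c), (Q - h) % Q, P) % P, s

def demo():
    """Constructed sample run; returns the verification outcomes."""
    ca_sk, ca_pk = keygen()
    sk, pk = keygen()
    ident, msg = b"node-17", b"temp=21.5C"
    R_c, s_c = issue_cert(ca_sk, ident, pk)
    sig = sign(sk, s_c, ident, pk, R_c, msg)
    rogue_sk, rogue_pk = keygen()  # public-key replacement: no certificate secret for rogue_pk
    rogue_sig = sign(rogue_sk, 0, ident, rogue_pk, R_c, msg)
    forged = forge_unbound(ca_pk, ident, pk, R_c, msg)
    return {
        "valid": verify(ca_pk, ident, pk, R_c, msg, sig),
        "tampered_msg": verify(ca_pk, ident, pk, R_c, b"temp=99.9C", sig),
        "pk_replaced": verify(ca_pk, ident, rogue_pk, R_c, msg, rogue_sig),
        "unbound_forged": verify_unbound(ca_pk, ident, pk, R_c, msg, forged),
    }
```

The seeded random.Random and the 160-bit group exist only to make the demonstration reproducible and fast; a real implementation would use a standard group and a CSPRNG, and would also check that the public key and the certificate value R_c lie in the order-q subgroup before using them.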
