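Journal of Beijing University of Posts and Telecommunications

  • EI core journal

Journal of Beijing University of Posts and Telecommunications, 2014, Vol. 37, Issue (3): 48-52. doi: 10.13190/j.jbupt.2014.03.010

• Papers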

Improved for Certificate-Based Signature Scheme

NONG Qiang, HUANG Ru-fen, HUANG Zhen-jie

  1. Department of Computer Science, Minnan Normal University, Fujian Zhangzhou 363000, China
  • Received: 2013-08-05 Online: 2014-06-28 Published: 2014-06-08
  • About the author: NONG Qiang (born 1978), male, lecturer, E-mail: nong_qiang@163.com.
  • Funding: National Natural Science Foundation of China (61170246); Natural Science Foundation of Fujian Province (2012J01295)

Abstract:

A forgery attack on Yang Bo et al.'s certificate-based signature scheme is presented. The attack shows that an "honest-but-curious" certificate authority can forge a valid signature on any message on behalf of any user, merely by choosing random parameters and without knowing the user's secret value. Analysis shows that the original scheme is insecure because the commitment value R computed in the certificate generation stage is not used as an input to the hash function in the signature generation stage. An improved scheme is proposed by adding R as an input to the hash function. The improved scheme is as efficient as the original scheme and is provably secure under the discrete logarithm hardness assumption.

Key words: certificate-based signature, forgery attack, certificate authority, Hash function, discrete logarithm problem

CLC number: