北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2009, Vol. 32 ›› Issue (2): 115-118.doi: 10.13190/jbupt.200902.115.jiangh

• 研究报告 • 上一篇    下一篇

一个完美并发签名协议的分析与改进

蒋瀚 徐秋亮 张忠 徐秋亮   

  1. 山东大学计算机科学与技术学院 山东大学计算机科学与技术学院 山东大学计算机科学与技术学院
  • 收稿日期:2008-05-20 修回日期:2009-01-18 出版日期:2009-04-28 发布日期:2009-04-28
  • 通讯作者: 徐秋亮

Analysis and improvement of a Perfect Concurrent Signature Protocol

Jiang Han Qiuliang Xu 忠 张   

  • Received:2008-05-20 Revised:2009-01-18 Online:2009-04-28 Published:2009-04-28
  • Contact: Qiuliang Xu

摘要:

分析了Huang等提出的1个完美并发签名协议,设计了2种攻击方法对该协议进行攻击. 结果表明,该方案存在2个安全漏洞:参与的两方AB都有能力在并发签名产生之后伪造1个对新消息的签名;AB都有能力独自伪造双方的并发签名. 为了防止上述的伪造攻击,提出了1个改进方案,增加对关键信息的认证,并分析了改进方案的安全性.

关键词: 并发签名, 完美并发签名, 公平合同签署, 环签名

Abstract:

A perfect concurrent signature protocol proposed by Huang et al in 2007 is analyzed. Two attacks are given out to show that there are two weaknesses in Huang's protocol: firstly, both participators A and B can change the signed messages after the concurrent signature protocol is completed; secondly, both A and B can forge a concurrent signature themselves. To prevent such forgery attacks, an improved protocol is proposed by adding authentication to the keystone information, and then the security of the improvement is analyzed.

Key words: Concurrent Signature, Perfect Concurrent Signature, Fair Contract Signing, Ring Signature