北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2010, Vol. 33 ›› Issue (1): 80-83.doi: 10.13190/jbupt.201001.80.sunshf

• 论文 • 上一篇    下一篇

对一类无证书强代理签名方案的攻击及改进

孙士锋;温巧燕   

  1. (北京邮电大学 网络与交换技术国家重点实验室, 北京 100876)
  • 收稿日期:2009-05-21 修回日期:2009-09-28 出版日期:2010-02-28 发布日期:2010-02-28
  • 通讯作者: 孙士锋

An Attack on a Certificateless Strong Proxy Signature Scheme and Its Improvement

SUN Shi-feng;WEN Qiao-yan   

  1. (State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China)
  • Received:2009-05-21 Revised:2009-09-28 Online:2010-02-28 Published:2010-02-28
  • Contact: Sun Shi-Feng

摘要:

通过对一类已有的高效无证书强代理签名方案进行分析,给出了该方案所存在的一种替换公钥攻击,指出了该方案存在的安全问题,表明了攻击者可以通过替换原始签名者的公钥伪造代理授权,进而伪造代理签名. 针对该攻击提出了一种改进方案,使其克服了原方案所存在的问题,具有更高的安全性.

关键词: 无证书公钥体制, 代理签名, 替换公钥攻击, 双线性对

Abstract:

A proposal of efficient certificateless signature scheme is presented to insecure against public key replacement attack. It is shown that an adversary who replaces the public key of the original signer can forge valid proxy delegations for the corresponding proxy signer without knowledge of the signers private key, and can even forge valid proxy signatures. To thwart this attack, an improved scheme is further proposed, which is not only more securer but also avoids the problems of the original scheme.

Key words: certificateless public key cryptography, proxy signature, public key replacement attack, bilinear pairings

中图分类号: