无证书强代理签名方案的密码学分析及改进

doi:10.13190/jbupt.201105.115.hugzh

北京邮电大学学报 ›› 2011, Vol. 34 ›› Issue (5): 115-118.doi: 10.13190/jbupt.201105.115.hugzh

无证书强代理签名方案的密码学分析及改进

胡国政¹,韩兰胜²,王展青¹

1.武汉理工大学理学院, 武汉 430070； 2.华中科技大学计算机学院, 武汉 430074

收稿日期:2010-11-04 修回日期:2011-07-02 出版日期:2011-10-28 发布日期:2011-08-26
通讯作者: 胡国政 E-mail:huguozheng@whut.edu.cn
基金资助:
国家自然科学基金项目(60703048); 湖北省自然科学基金项目(2007ABA313)

Cryptanalysis and Improvement of a Certificateless  Strong Proxy Signature Scheme

Received:2010-11-04 Revised:2011-07-02 Online:2011-10-28 Published:2011-08-26
Supported by:
National Natural Science Foundation of China

摘要/Abstract

摘要：

对一种高效无证书强代理签名方案进行了分析，指出该方案对于公钥替换攻击是不安全的. 证明了敌手不仅可以通过替换原始签名者的公钥伪造代理授权，而且可以通过同时替换原始签名者和代理签名者的公钥伪造任意消息的代理签名. 针对这2种公钥替换攻击提出了改进方案，使得改进后的方案克服了原方案的安全缺陷，满足了无证书强代理签名方案的安全性要求.

关键词: 无证书公钥密码体制, 无证书强代理签名, 公钥替换攻击, 双线性对

Abstract:

It is analyzed that efficient certificateless strong proxy signature scheme is proven insecure against the public key replacement attack. The adversary can not only forge valid proxy delegation by substituting the public keys of the original signer, but it can also forge the proxy signatures of the proxy signer by substituting the public keys of the original signer and the proxy signer. An improved scheme is presented to resist against these attacks.

Key words: certificateless public key cryptography, certificateless strong proxy signature, public key replacement attacks, bilinear pairings

中图分类号:

TP309

胡国政,韩兰胜,王展青. 无证书强代理签名方案的密码学分析及改进[J]. 北京邮电大学学报, 2011, 34(5): 115-118.

参考文献

[1] Al-Riyami S, Paterson K G. Certificateless public key cryptography//Laih C S. Asiacrypt 2003. Taipei: Springer-Verlag, 2003: 452-473.
[2] Zhang Zhenfeng, Wong Duncan S, Xu Jing, et al. Certificateless public-key signature: security model and efficient construction//Zhou J. ACNS 2006. Singapore: Springer-Verlag, 2006: 293-308.
[3] Huang X, Susilo W, Mu Y, et al. On the security of certificateless signature schemes from Asiacrypt 2003//Desmedt Y G. CANS 2005. Suzhou: Springer-Verlag, 2005: 13-25.
[4] Au M H, Chen J, Liu J K, et al. Malicious KGC attacks in certificateless cryptography//ASIACCS 2007. Singapore: ACM, 2007: 302-311.
[5] 曹雪菲, Paterson K G, 寇卫东. 对一类无证书签名方案的攻击及改进[J]. 北京邮电大学学报, 2009, 31(2): 64-67. Cao Xuefei, Paterson K G, Kou Weidong. An attack on a certificateless signature scheme and its improvement[J]. Journal of Beijing University of Posts and Telecommunications, 2009, 31(2): 64-67.
[6] Mambo M, Usuda K, Okamoto E. Proxy signatures for delegating signing operation //Proceedings of CCS’96. New Delhi: ACM, 1996: 48-57.
[7] Lee B, Kim H, Kim K. Strong proxy signature and its applications//Proceeding of ACISP 2001. Qiso: Springer-Verlag, 2001: 603-608.
[8] Li Xiangxue, Chen Kefei. Certificateless signature and proxy signature schemes from bilinear pairings[J]. Lithuanian Mathematical Journal, 2005, 45(1): 76-83.
[9] Lu Rongbo, He Dake, Wang Changji. Cryptanalysis and improvement of a certificateless proxy signature scheme from bilinear pairings//Eighth ACIS International Conference on SNPD 2007. Qingdao: IEEE, 2007: 285-290.
[10] 杜红珍, 温巧燕, 李文敏, 等. 高效的无证书强代理签名方案[J]. 北京邮电大学学报, 2008, 31(6): 18-21. Du Hongzhen, Wen Qiaoyan, Li Wenmin, et al. Efficient certificateless strong proxy signature scheme[J]. Journal of Beijing University of Posts and Telecommunications, 2008, 31(6): 18-21.
[11] 孙士锋, 温巧燕. 对一类无证书强代理签名方案的攻击及改进[J]. 北京邮电大学学报, 2010, 33(1): 80-83. Sun Shifeng, Wen Qiaoyan. An attack on a certificateless strong proxy signature scheme[J]. Journal of Beijing University of Posts and Telecommunications, 2010, 33(1): 80-83.

无证书强代理签名方案的密码学分析及改进

Cryptanalysis and Improvement of a Certificateless  Strong Proxy Signature Scheme

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics

本文评价

[1]	周才学. 基于证书的签名方案的分析与改进[J]. 北京邮电大学学报, 2013, 36(6): 98-101.
[2]	杜红珍1, 2, 温巧燕1, 李文敏1, 金正平1. 高效的无证书强代理签名方案[J]. 北京邮电大学学报, 2008, 31(6): 18-21.