计算机工程与应用 ›› 2011, Vol. 47 ›› Issue (1): 89-91.DOI: 10.3778/j.issn.1002-8331.2011.01.025

• 网络、通信、安全 • 上一篇    下一篇

一个无证书代理盲签名方案的改进

吴晨煌1,2,梁红梅3,陈智雄1,2   

  1. 1.莆田学院 数学与应用数学系,福建 莆田 351100
    2.福建师范大学 网络安全与密码重点实验室,福州 350007
    3.漳州师范学院 数学与信息科学系,福建 漳州 363000

  • 收稿日期:2009-08-07 修回日期:2009-11-18 出版日期:2011-01-01 发布日期:2011-01-01
  • 通讯作者: 吴晨煌

Improvement of certificateless proxy blind signature schemes

WU Chenhuang1,2,LIANG Hongmei3,CHEN Zhixiong1,2   

  1. 1.Department of Mathematics,Putian University,Putian,Fujian 351100,China
    2.Key Lab of Network Security and Cryptology,Fujian Normal University,Fuzhou 350007,China
    3.Department of Mathematics and Information Science,Zhangzhou Normal University,Zhangzhou,Fujian 363000,China
  • Received:2009-08-07 Revised:2009-11-18 Online:2011-01-01 Published:2011-01-01
  • Contact: WU Chenhuang

摘要: 无证书公钥系统克服了传统基于证书公钥系统中的证书管理问题和基于身份公钥系统中的密钥托管问题,是目前的研究热点之一。对陈虎等人新近提出的一个无证书代理盲签名方案进行了安全性分析,发现该签名方案存在严重的安全缺陷,即不诚实的用户能够恢复出代理签名人的代理私钥,从而能做代理签名人所能做的任何事情。最后,给出了一个克服该攻击的改进方法,并且改进后方案的安全性仍然是基于CDH问题。

Abstract: Certificateless public key cryptosystem,one of the hot topics in current research,overcomes the problem of the certificate management in the traditional certificate-based public key cryptosystem and the inherent key escrow problem in the identity-based public key cryptosystem.The certificateless proxy blind signature scheme,which has been proposed recently by Chen Hu etc.,is analyzed and their scheme turns out to be severely insecure.That is,a dishonest user can recover the proxy private key of the proxy signer;then he can do what the proxy signer can do.Finally,to conquer this attack,a comprehensive and improved scheme is proposed,whose security is based on the CDHP.

中图分类号: