计算机工程与应用 ›› 2011, Vol. 47 ›› Issue (15): 101-103.

• 网络、通信、安全 • 上一篇    下一篇

两个无证书代理签名方案的分析与改进

杨长海   

  1. 南昌陆军学院 科文教研室,南昌 330103
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2011-05-21 发布日期:2011-05-21

Analysis and improvement of two certificateless proxy signature schemes

YANG Changhai   

  1. Department of Science and Liberal Arts,Nanchang Military Academy,Nanchang 330103,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2011-05-21 Published:2011-05-21

摘要: 针对最近提出的两个无证书代理签名方案进行了安全性研究,指出其存在相同的安全性缺陷:无法抵抗无证书签名体制中类型II的敌手实施的假冒攻击,即恶意但被动的KGC可以假冒原始签名者将任何消息的代理签名权委托给代理签名者。同时也指出了另外一个缺陷,即代理签名者的代理签名密钥容易泄露。并分析了攻击成功的原因,给出了克服攻击的改进措施。

关键词: 数字签名, 代理签名, 无证书, 假冒攻击, 密钥泄露

Abstract: This paper points out their shared defects by researching the security of the two recently-advanced certificateless proxy signature schemes.One is their irresistibility to impersonation attack against certificateless signature scheme II,that is,malicious-but-passive KGC can relegate the right to sign any message to any proxy signer by impersonating original signer,the other is the high likelihood of key-compromise of proxy signature.At last,the reasons for the success of impersonation attack have been analyzed and countermeasures against these attacks have been brought forward as well.

Key words: digital signature, proxy signature, certificateless, impersonation attack, key-compromise