计算机工程与应用 ›› 2014, Vol. 50 ›› Issue (22): 115-117.

• 网络、通信、安全 • 上一篇    下一篇

对一种无证书代理签名方案的分析与改进

刘晓红,张建中   

  1. 陕西师范大学 数学与信息科学学院,西安 710062
  • 出版日期:2014-11-15 发布日期:2014-11-13

Analysis and improvement of certificateless proxy signature scheme

LIU Xiaohong, ZHANG Jianzhong   

  1. College of Mathematics and Information Science, Shaanxi Normal University, Xi’an 710062, China
  • Online:2014-11-15 Published:2014-11-13

摘要: 分析了一种无证书代理签名方案,指出其针对于无证书密码系统中的两类敌手都不安全。类型I敌手可替换用户的公钥来伪造代理授权和代理签名;类型II敌手(KGC)可针对预先选择好的用户生成特殊的系统参数,然后伪造代理授权。为了克服这些安全问题,提出了一种改进的方案,分析表明,新方案具有更好的安全性。

关键词: 无证书签名, 代理签名, 公钥替换攻击, 恶意的KGC攻击, 双线性对

Abstract: This paper analyzes a certificateless proxy signature scheme and points out it are vulnerable against two types of adversaries in certificateless cryptosystems. Type I adversary can replace the user’ public key to forge proxy delegations from any original signer to any proxy signer and compute the proxy signature; type II adversary(KGC) can generate the trapdoor system parameters according to the identity information of a pre-selected target user and then forge the proxy delegations from the target user to other users. To overcome these security problems, a new improved proxy signature scheme is proposed. Analysis shows that the new scheme has better security.

Key words: certificateless signature, proxy signature, public key replacement attacks, malicious KGC attacks, bilinear mapping