计算机工程与应用 ›› 2010, Vol. 46 ›› Issue (8): 96-98.DOI: 10.3778/j.issn.1002-8331.2010.08.027

• 网络、通信、安全 • 上一篇    下一篇

一种新的无证书代理签名方案的分析与改进

申军伟1,杨晓元1,2,梁中银1,陈海滨1   

  1. 1.武警工程学院,西安 710086
    2.西安电子科技大学 网络信息安全教育部重点实验室,西安 710071
  • 收稿日期:2008-09-18 修回日期:2008-12-22 出版日期:2010-03-11 发布日期:2010-03-11
  • 通讯作者: 申军伟

Security analysis and improvement of new certificateless proxy signature

SHEN Jun-wei1,YANG Xiao-yuan1,2,LIANG Zhong-yin1,CHEN Hai-bin1   

  1. 1.Engineering College of Armed Police Force,Xi’an 710086,China
    2.Key Laboratory of Network & Information Security of the Ministry of Education,Xidian University,Xi’an 710071,China
  • Received:2008-09-18 Revised:2008-12-22 Online:2010-03-11 Published:2010-03-11
  • Contact: SHEN Jun-wei

摘要: 樊睿等人提出了一种新的无证书代理签名方案,该方案的安全性是基于CDH困难性假设。对该代理签名方案进行了安全性分析,指出该方案不仅泄露了原始签名者的私钥,而且不能抵抗替换公钥攻击和恶意但被动的KGC攻击,从而不满足代理签名的安全性要求。同时提出了一个改进方案,改进方案不仅弥补了原方案的安全缺陷,而且改善了协议的性能。

Abstract: This paper analyzes the security of a new certificateless proxy signature proposed by Fan Rui recently.The security of Fan Rui’s scheme relies on the CDH problem.It shows that Fan’s proxy signature reveals the private key of original signer and is insecure against a key replacement attack and malicious-but-passive KGC attack.It also gives a modified scheme.The improvement is secure against the key replacement attack and the malicious-but-passive KGC attack.This paper elaborately eliminates the defect of the original scheme and improves the efficiency of the protocol.

中图分类号: