计算机工程与应用 ›› 2014, Vol. 50 ›› Issue (22): 115-117.
• 网络、通信、安全 • 上一篇 下一篇
刘晓红,张建中
出版日期:
发布日期:
LIU Xiaohong, ZHANG Jianzhong
Online:
Published:
摘要: 分析了一种无证书代理签名方案,指出其针对于无证书密码系统中的两类敌手都不安全。类型I敌手可替换用户的公钥来伪造代理授权和代理签名;类型II敌手(KGC)可针对预先选择好的用户生成特殊的系统参数,然后伪造代理授权。为了克服这些安全问题,提出了一种改进的方案,分析表明,新方案具有更好的安全性。
关键词: 无证书签名, 代理签名, 公钥替换攻击, 恶意的KGC攻击, 双线性对
Abstract: This paper analyzes a certificateless proxy signature scheme and points out it are vulnerable against two types of adversaries in certificateless cryptosystems. Type I adversary can replace the user’ public key to forge proxy delegations from any original signer to any proxy signer and compute the proxy signature; type II adversary(KGC) can generate the trapdoor system parameters according to the identity information of a pre-selected target user and then forge the proxy delegations from the target user to other users. To overcome these security problems, a new improved proxy signature scheme is proposed. Analysis shows that the new scheme has better security.
Key words: certificateless signature, proxy signature, public key replacement attacks, malicious KGC attacks, bilinear mapping
刘晓红,张建中. 对一种无证书代理签名方案的分析与改进[J]. 计算机工程与应用, 2014, 50(22): 115-117.
LIU Xiaohong, ZHANG Jianzhong. Analysis and improvement of certificateless proxy signature scheme[J]. Computer Engineering and Applications, 2014, 50(22): 115-117.
0 / 推荐
导出引用管理器 EndNote|Ris|BibTeX
链接本文: http://cea.ceaj.org/CN/
http://cea.ceaj.org/CN/Y2014/V50/I22/115