Abstract: Through the security analysis of a forward secure certificateless proxy blind signature scheme proposed by Wei Junyi et al., it is found that the scheme does not resist the original signer’s forgery attack and does not satisfy the blindness. To address the above problems, an improved scheme is presented. The improved scheme overcomes the security drawbacks existing in the original scheme by improving the proxy key generation process and the blind signature process. The improved scheme also satisfies the backward security by embedding the one-way hash chain in the signature. Furthermore, there is no need to set up a confidential channel between key generation center and users, which reduces extra expense. The security analysis shows that the improved scheme meets the security requirements of a forward secure certificateless proxy blind signature scheme.

Key words: certificateless, forward secure, backward secure, one-way hash chain, forgery attack, proxy blind signature

摘要： 通过对魏俊懿等人提出的一种前向安全的无证书代理盲签名方案进行安全性分析，发现该方案不能抵抗原始签名人的伪造攻击、不具有盲性。针对上述问题，提出一种改进的方案。通过对代理密钥生成过程以及盲签名过程的改进，克服了原方案存在的安全缺陷。利用将单向散列链嵌入签名的方法，保证了改进的方案具有后向安全性。而且，密钥生成中心与用户之间不需要建立可信的安全通道，节省了额外的开销。安全分析表明，改进的方案满足前向安全无证书代理盲签名方案的安全要求。

关键词: 无证书, 前向安全, 后向安全, 单向散列链, 伪造攻击, 代理盲签名