Security analysis and improvement of certificateless signature scheme

Computer Engineering and Applications ›› 2013, Vol. 49 ›› Issue (5): 96-98.

Previous Articles Next Articles

Security analysis and improvement of certificateless signature scheme

GE Rongliang, GAO Dezhi, LIANG Jingling, ZHANG Yun

College of Information Science and Engineering, Shandong University of Science and Technology, Qingdao, Shandong 266510, China

Online:2013-03-01 Published:2013-03-14

无证书签名方案的分析及改进

葛荣亮，高德智，梁景玲，张云

山东科技大学信息科学与工程学院，山东青岛 266510

Abstract

Abstract: This paper analyzes a certificateless signature scheme, and points out the scheme can’t resist to the public key replacement attack and the malicious KGC（Key Generation Center） attack. The attacker can forge the signature for any message by substituting the public key of the signer. The malicious KGC can get the private key. The analysis shows that the scheme can not satisfy the safety requirements of the certificateless signature. Meanwhile the improvement measure is proposed to resist these attacks.

Key words: certificateless signature, public key replacement attack, malicious Key Generation Center（KGC） attack, bilinear pairing

摘要： 对一个无证书签名方案进行安全性分析，指出该方案不能抵抗公钥替换攻击和恶意的KGC攻击，即攻击者可以通过替换签名者的公钥来伪造任意消息的签名，恶意的KGC（Key Generation Center）可以获取用户的私钥。分析结果显示该方案不能满足无证书签名方案的安全性要求，同时为了应对这两种攻击，提出了改进的方案。

关键词: 无证书签名, 公钥替换攻击, 恶意密钥生成中心（KGC）攻击, 双线性对

GE Rongliang, GAO Dezhi, LIANG Jingling, ZHANG Yun. Security analysis and improvement of certificateless signature scheme[J]. Computer Engineering and Applications, 2013, 49(5): 96-98.

葛荣亮，高德智，梁景玲，张云. 无证书签名方案的分析及改进[J]. 计算机工程与应用, 2013, 49(5): 96-98.

[1]	TONG Le, HAO Rong, YU Jia. Secure Outsourcing Scheme for Bilinear Pairing Based on Single Untrusted Server [J]. Computer Engineering and Applications, 2020, 56(9): 131-135.
[2]	LI Yanjun, WANG Shubei, YANG Xiaotong, CAO Yisen. Lightweight NFC Security Authentication Scheme Based on Mobile Terminal [J]. Computer Engineering and Applications, 2020, 56(16): 84-89.
[3]	XU Hailin1, LU Yang2. Searchable public key encryption secure against keyword guessing attacks [J]. Computer Engineering and Applications, 2018, 54(24): 108-115.
[4]	GE Lixia1, LI Xiao1, HE Mingxing2, LI Yarong1, LIU Xiaojian2. Improved certificateless proxy signature scheme [J]. Computer Engineering and Applications, 2017, 53(8): 92-94.
[5]	LIU Jiajia, LIU Jianhua. Fuzzy attribute-based signcryption scheme with constant length ciphertext [J]. Computer Engineering and Applications, 2017, 53(5): 128-133.
[6]	XU Hailin1, LU Yang2. Efficient certificate-based proxy re-encryption scheme [J]. Computer Engineering and Applications, 2017, 53(14): 80-86.
[7]	ZHANG Min, DU Weizhang. Publicly verifiable and renewable multi-secret sharing scheme with self-selecting sub-secret [J]. Computer Engineering and Applications, 2016, 52(9): 71-77.
[8]	ZHANG Jiao, HE Yong, LI Xiong. Cryptanalysis and improvement of two verifiable ring signature schemes [J]. Computer Engineering and Applications, 2016, 52(8): 115-119.
[9]	ZHANG Min, DU Weizhang. Publicly verifiable and periodically renewable multi-secret sharing scheme [J]. Computer Engineering and Applications, 2016, 52(2): 117-126.
[10]	LI Yarong1, LI Xiao1, HE Mingxing2, LIU Xiaojian2, GE Lixia1. Security analysis and improvement of forward secure proxy signature scheme [J]. Computer Engineering and Applications, 2016, 52(14): 110-114.
[11]	HU Jianghong1, DU Hongzhen1, ZHANG Jianzhong2. Analysis and improvement of certificateless aggregate signature scheme [J]. Computer Engineering and Applications, 2016, 52(10): 80-84.
[12]	CHEN Hong1, ZHENG Yanyan1, XIAO Zhenjiu1，2. Certificateless-based two-party authenticated key agreement protocol for multiple PKG environment without bilinear pairing [J]. Computer Engineering and Applications, 2015, 51(7): 74-79.
[13]	ZHANG Zhiming, LI Ping, XIONG Xiaoyong. Efficient false data filtering scheme for wireless sensor networks [J]. Computer Engineering and Applications, 2015, 51(24): 78-85.
[14]	ZHANG Jianzhong, YANG Li. Cryptography analysis and improvement on certificateless proxy blind signature scheme [J]. Computer Engineering and Applications, 2014, 50(4): 90-93.
[15]	LIU Xiaohong, ZHANG Jianzhong. Analysis and improvement of certificateless proxy signature scheme [J]. Computer Engineering and Applications, 2014, 50(22): 115-117.

Security analysis and improvement of certificateless signature scheme

无证书签名方案的分析及改进

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics