摘要
2005年,张键红等提出了一种基于RSA的高效群签名方案,签名与验证的计算量只需要9次模幂乘运算。该文提出了一种伪造攻击方案指出张等的方案是不安全的,任一群成员在撤消中心的帮助下可以不利用自己的秘密参数对任何消息生成有效的群签名。同时,指出了群成员的识别算法是错误的,身份追踪式是与具体签名无关的常量,即身份追踪算法无法追踪到真实的签名者。最后,指出了他们的方案具有关联性。
In 2005, Zhang et al. proposed an efficient group signature scheme based on RSA, the total computation cost of signature and verification requires only 9 modular exponentiations. This paper will show that Zhang et al.'s scheme is insecure, any group member colludes with repeal center can generate a valid group signature without using his secret parameters. Additional, it will show that the signer identity verification algorithm is error, identity verification expression is independent of the group signature. That is, the signer identity verification algorithm cannot find who the signer is. Finally, it will show that their scheme is not unlinkable.
出处
《电子与信息学报》
EI
CSCD
北大核心
2007年第6期1511-1513,共3页
Journal of Electronics & Information Technology
基金
国家自然科学基金(10271037)
浙江省自然科学基金(Y105067)资助课题
关键词
群签名
RSA
密码学
Group signature
RSA
Cryptography