摘要
Lin,Tang和Wang(LTW)基于一种星型密钥分发体系结构提出了一种多素数RSA,并利用它构造了一种无需密钥更新过程的集中式组密钥管理方案。按照组密钥管理的几个主要安全需求,运用密码学的工程实践视角和计算数论的方法,对该方案提出了环幂等元攻击、选择明文攻击、求高次整根攻击以及基于椭圆曲线分解方法和中国剩余定理的串谋攻击。数学与密码分析表明:在一定的条件下可以高效实现这些攻击,而密钥服务器的加密指数的"零更新"特性正是这些安全隐患之源。
Recently, Lin, Tang and Wang proposed a multi-prime RSA based on a star architecture of key distribution and made use of it to construct a centralized group key management scheme. According to several main security requirements of group key management, from the perspective of cryptographic engineering practice and applying computational number theory, four kinds of attacks against this scheme were proposed: a ring idempotent attack, a chosen plaintext attack, an attack of extracting high order integer roots, and a collusion attack based on the elliptic curve factoring method and Chinese remainder theorem. The mathematical analysis and cryptanalysis indicate that under certain conditions these attacks can be realized efficiently, and it is the characteristic of "without rekeying the key server's eneryption exponent" that causes such security risks.
出处
《计算机应用》
CSCD
北大核心
2011年第3期793-797,共5页
journal of Computer Applications
基金
国家民族事务委员会自然科学研究基金资助项目(20100706)