Abstract
This paper analyzes the ID-based aggregate signature schemes proposed by Zhou-Du and by Zhao and shows that both are insecure. In the Zhou-Du scheme, both individual signatures and aggregate signatures can be forged. In the Zhao scheme, an adversary can use a single individual signature to recover the signer's private key and then mount any attack. Both schemes are modified: the modified Zhou-Du scheme achieves unforgeability, and the modified Zhao scheme avoids private key leakage. The modified Zhou-Du scheme is also more efficient than the original, while the modified Zhao scheme is as efficient as the original.
Source
《计算机工程》 (Computer Engineering)
CAS
CSCD
Peking University Core Journal
2011, Issue 7, pp. 145-147 (3 pages)
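Funding
National Natural Science Foundation of China (61063041)
Gansu Provincial Research Fund for Graduate Supervisors in Higher Education Institutions (1001-09)
Gansu Province Science and Technology Plan Fund (1010RJZA022)
Northwest Normal University Young Teachers' Research Capability Enhancement Program Fund (NWNU-LKQN-10-22)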
Keywords
ID-based signature
aggregate signature
bilinear pairing