摘要
聚合签名可以降低签名的验证开销和签名的长度。分析三个无证书聚合签名方案的安全性,指出它们不能抵抗无证书公钥密码系统的一般用户公钥替换攻击和恶意密钥生成中心KGC伪造攻击。其中,Chen方案和喻方案既不能抵抗公钥替换攻击,也不能抵抗KGC被动攻击;张方案不能抵抗KGC主动攻击。通过具体的攻击算法和原因分析,证明该类方案不安全。对张方案进行改进,改进的方案增强了原方案的安全性。
Aggregate signature can reduce the cost of signature verif ication and the length of the signature. First, we analyzed security of three certificateless aggregation signatures. We allowed certificateless public key cryptosystems to attack them. These attacks general user publ ic key replacement attack and mal icious key generation center KGC forged attack. And Chen program and Yu scheme cannot resist the public key to replace the attack, nor resistance to KGC passive attack. Zhang program cannot resist KGC active attack. Through the specific attack algorithm and cause analysis, proved that the program is not safe. We improved the Zhang, s scheme to strengthen the security compared with the original program.
出处
《计算机应用与软件》
2017年第8期307-311,共5页
Computer Applications and Software
基金
国家自然科学基金项目(61163038)
甘肃省高等学校科研项目(2015B-220
2013A-014)
关键词
无证书公钥密码
聚合签名
密钥生成中心
被动攻击
主动攻击
Certificate less publ ic key cryptography Aggregate signature Key generation center Passive attack Initiative attack
