摘要
对文献[19]提出的无证书代理环签名方案进行安全性分析,指出该签名方案存在严重的安全问题,即原始签名人的私钥可以被代理签名人恢复出来。指出文献[22]提出的一个标准模型下无证书代理环签名方案也是不安全的,它能够受到两种攻击,即用户从KGC为其生成的部分私钥中可以恢复出系统主密钥、任何用户都可以对任意选择的消息伪造代理签名。分析该方案存在这种攻击的原因,探讨如何克服此类攻击的方法。
This paper analyzed the security of a certificateless proxy ring signature scheme presented by Shi [19],and pointed out a serious security problem in this signature scheme,that was the private key of the original signer could be recovered by the proxy signer.In addition,a certificateless proxy ring signature scheme in the standard model proposed by Zhang et al [22] was also insecure.It could be attacked by two kinds of attacks,that is,the user could recover the system master key from part of the private key that generated by KGC,and any user could forge the proxy signature for arbitrarily selected messages.We analyzed the reasons for this attack and disscussed how to overcome it.
作者
李慧敏
宁华英
梁红梅
张金辉
Li Huimin;Ning Huaying;Liang Hongmei;Zhang Jinhui(School of Mathematics and Finance,Putian University,Putian 351100,Fujian,China;School of Mathematics and Statistics,Minnan Normal University,Zhangzhou 363000,Fujian,China;Key Laboratory of Applied Mathematics,Fujian Province University,Putian 351100,Fujian,China)
出处
《计算机应用与软件》
北大核心
2019年第10期305-309,333,共6页
Computer Applications and Software
基金
国家自然科学基金项目(61373140,61170246)
福建省高校创新团队培育计划资助
福建省教育厅中青年教师教育科研项目(JT180487)
莆田学院校内项目(2016096)
关键词
无证书
代理环签名
标准模型
安全性分析
改进
Certificateless
Proxy ring signature
Standard model
Security analysis
Improvement
