摘要
异构聚合签密技术不仅解决了不同密码体制间的通信问题,同时还能对多个消息进行聚合签名认证。分析了牛淑芬等人提出的能保证数据隐私的异构签密方案,并指出该方案中单个签密与聚合签密均可被伪造,存在密钥生成中心的被动攻击。首先描述了详细的攻击过程,说明牛淑芬方案存在被动攻击。其次,改进了牛淑芬方案,并通过安全性分析证明了改进方案没有安全问题。对改进方案的性能分析以及仿真模拟显示,改进方案的效率与原方案相当。
The heterogeneous aggregation signcryption technology not only solves the problem of communication under different cryptosystems,but also performs aggregate signature verification on multiple messages.This paper analyzes the heterogeneous signcryption scheme proposed by Niu et al.that ensures data privacy,and points out that both single signcryption and aggregation signcryption can be forged in this scheme,and there are passive attacks in the key generation center.Firstly,we detail a specific attack process,which illustrates that the Niu scheme generates passive attacks.Secondly,we improve the Niu scheme and prove that the improved scheme has no security holes through security analysis.Finally,performance analysis and simulation show that the improved scheme has the equivalent efficiency to the original scheme.
作者
刘祥震
张玉磊
郎晓丽
骆广萍
王彩芬
LIU Xiang-zhen;ZHANG Yu-lei;LANG Xiao-li;LUO Guang-ping;WANG Cai-fen(College of Computer Science&Engineering,Northwest Normal University,Lanzhou 730070;Shenzhen Technology University,Shenzhen 518000,China)
出处
《计算机工程与科学》
CSCD
北大核心
2020年第3期441-448,共8页
Computer Engineering & Science
基金
甘肃省高等学校科研项目(2017A-003,2018A-207)。
关键词
异构
聚合签密
隐私保护
被动攻击
heterogeneous
aggregate signcryption
privacy preserving
passive attack
