Security Analysis on Two Certificateless Aggregate Signature Schemes
doi: 10.11999/JEIT151350
1. Computer School, Wuhan University, Wuhan 430072, China
2. International School of Software, Wuhan University, Wuhan 430072, China
Funds: The National Natural Science Foundation of China (61402339)
-
Abstract: Zhang et al. (2015) proposed two certificateless aggregate signature schemes and claimed that both are provably secure in the random oracle model. This paper analyzes the security of the two schemes against the two standard adversaries of certificateless cryptography (a Type I adversary can replace users' public keys but does not know the KGC master key; a Type II adversary models a malicious KGC that knows the master key but cannot replace public keys). It shows that the first scheme resists both Type I and Type II adversaries, whereas the second scheme resists neither. Concrete forgery attacks on the second scheme are given step by step, and the forged signatures are shown to pass the verification algorithm. The reasons the second scheme admits forgery are analyzed, and a modified scheme is proposed.
Keywords:
- Public key cryptosystem
- Certificateless aggregate signature
- KGC passive attack
- Computational Diffie-Hellman problem
- Signature forgery
References:
- DIFFIE W and HELLMAN M E. New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976, 22(6): 644-654.
- SHAMIR A. Identity-based cryptosystems and signature schemes[C]. Advances in Cryptology - CRYPTO 84, Berlin, Springer-Verlag, 1984: 47-53.
- WANG Zhu, DAI Yiqi, and YE Dingfeng. Universally composable identity-based signature[J]. Acta Electronica Sinica, 2011, 39(7): 1613-1617 (in Chinese).
- DU Hongzhen and WEN Qiaoyan. An efficient identity-based short signature scheme from bilinear pairings[C]. IEEE Computer Society, Washington D.C., USA, 2007: 725-729.
- AL-RIYAMI S S and PATERSON K G. Certificateless public key cryptography[C]. Advances in Cryptology - ASIACRYPT 03, Berlin, Springer-Verlag, 2003: 452-473.
- ZHANG Lei, WU Qianhong, DOMINGO-FERRER J, et al. Signatures in hierarchical certificateless cryptography: Efficient constructions and provable security[J]. Information Sciences, 2014, 272(10): 223-237. doi: 10.1016/j.ins.2014.02.085.
- CHEN Hu, ZHU Changjie, and SONG Rushun. Efficient certificateless signature and group signature schemes[J]. Journal of Computer Research and Development, 2010, 47(2): 231-237.
- BONEH D, GENTRY C, LYNN B, et al. Aggregate and verifiably encrypted signatures from bilinear maps[C]. Advances in Cryptology - EUROCRYPT 03, Berlin, Springer-Verlag, 2003: 416-432. doi: 10.1007/3-540-39200-9_26.
- LYSYANSKAYA A, MICALI S, REYZIN L, et al. Sequential aggregate signatures from trapdoor permutations[C]. Advances in Cryptology - EUROCRYPT 04, Berlin, Springer-Verlag, 2004: 74-90. doi: 10.1007/978-3-540-24676-3_5.
- GONG Zheng, LONG Yu, HONG Xuan, et al. Two certificateless aggregate signatures from bilinear maps[C]. Proceedings of the IEEE SNPD 07, Qingdao, China, 2007, 3: 188-193. doi: 10.1109/SNPD.2007.132.
- ZHANG Lei and ZHANG Futai. A new certificateless aggregate signature scheme[J]. Computer Communications, 2009, 32(6): 1079-1085. doi: 10.1016/j.comcom.2008.12.042.
- YU Xiuying and HE Dake. New certificateless aggregate signature scheme[J]. Application Research of Computers, 2014, 31(8): 2485-2487.
- XIONG Hu, GUAN Zhi, CHEN Zhong, et al. An efficient certificateless aggregate signature with constant pairing computations[J]. Information Sciences, 2013, 219: 225-235. doi: 10.1016/j.ins.2012.07.004.
- HE Debiao, TIAN Miaomiao, and CHEN Jianhua. Insecurity of an efficient certificateless aggregate signature with constant pairing computations[J]. Information Sciences, 2014, 268: 458-462. doi: 10.1016/j.ins.2013.09.032.
- MING Yang, ZHAO Xiangmo, and WANG Yumin. Certificateless aggregate signature scheme[J]. Journal of University of Electronic Science and Technology of China, 2014, 43(2): 188-193 (in Chinese). doi: 10.3969/j.issn.1001-0548.2014.02.005.
- ZHANG Yulei, LI Chenyi, WANG Caifen, et al. Security analysis and improvements of certificateless aggregate signature schemes[J]. Journal of Electronics & Information Technology, 2015, 37(8): 1994-1999 (in Chinese). doi: 10.11999/JEIT141635.
計(jì)量
- 文章訪問數(shù): 1526
- HTML全文瀏覽量: 179
- PDF下載量: 376
- 被引次數(shù): 0