Computer Technology and Development
2015, Issue 11, pp. 134-138 (5 pages)
certificateless signature; bilinear pairings; public key replacement attack; malicious KGC attack; security analysis
In recent years, the notion of certificateless public key cryptography was proposed to solve the key escrow problem inherent in identity-based cryptosystems. This paper analyses the security of the certificateless signature scheme proposed by Pan Shuai et al. (2013), shows that the scheme is vulnerable to a public key replacement attack and a malicious KGC attack, and gives the concrete attack methods. To address these problems, the original scheme is improved by changing the order of the steps of the traditional certificateless signature algorithm and by periodically updating the user's secret value. The improved scheme also strengthens the binding between the user's identity information and the other parameters so as to meet the security requirements. Based on the hardness assumptions of the discrete logarithm problem, the CDH problem and the Inv-CDH problem, the security of the improved scheme is proved in the random oracle model. Compared with Pan's scheme, the improved signature scheme has better overall performance and additionally provides forward security.