计算机工程 ›› 2018, Vol. 44 ›› Issue (11): 115-118.doi: 10.19678/j.issn.1000-3428.0050253

• 安全技术 • 上一篇    下一篇

一个高效的基于身份签名方案的安全性分析

杨小东1,2,肖立坤1,李雨桐1,陈春霖1,王彩芬1   

  1. 1.西北师范大学 计算机科学与工程学院,兰州 730070; 2.密码科学技术国家重点实验室,北京 100878
  • 收稿日期:2018-01-23 出版日期:2018-11-15 发布日期:2018-11-15
  • 作者简介:杨小东(1981—),男,副教授、博士后,主研方向为代理重签名;肖立坤、李雨桐、陈春霖,硕士研究生;王彩芬,教授、博士。
  • 基金项目:

    国家自然科学基金(61662069,61562077);中国博士后科学基金(2017M610817);甘肃省科技计划项目(1506RJZA130);兰州市科技计划项目(2013-4-22);西北师范大学青年教师科研能力提升计划项目(NWNU-LKQN-14-7)。

Security Analysis of An Efficient Identity-Based Signature Scheme

YANG Xiaodong 1,2,XIAO Likun 1 ,LI Yutong 1 ,CHEN Chunlin1 ,WANG Caifen 1   

  1. 1.College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China; 2.State Key Laboratory of Cryptology,Beijing 100878,China
  • Received:2018-01-23 Online:2018-11-15 Published:2018-11-15

摘要:

黄一才等人(密码学报,2017年第5期)提出一个高效的基于身份签名方案,并采用混合游戏的方法在标准模型中证明该签名方案是强不可伪造,其安全性依赖于CDH假设。但是方案的安全性证明存在严重的安全缺陷。为分析该方案的安全性,构造一个多项式时间区分算法,以不可忽略的概率区分模拟签名与真实签名的概率分布,表明模拟游戏和真实游戏是可区分的,从而说明黄一才方案不能正确地证明该方案是强不可伪造的。设计一个多项式时间算法输出该方案的伪造签名,挑战者无法利用伪造的签名求解CDH问题。安全性分析结果表明,该方案的安全性并不能归约到CDH假设,将其安全性归约到CDH假设的结论是错误的。

关键词: 基于身份签名, 可证明安全, 混合游戏, 强不可伪造, 安全性分析

Abstract:

HUANG Yicai et al (Journal of Cryptologic Research,No.5,2017) proposes an efficient identity-based signature scheme,which uses a hybrid game approach to prove that the scheme is strongly unforgeable in a standard model,and its security depends on the Computational Diffie-Hellman(CDH) hypothesis.However,the security of the scheme proves that there are serious security flaws.In order to analyze the security of the scheme,a polynomial-time disting uish algorithm is constructed to distinguish the probability distribution of simulated signatures from that of real signatures with a non-negligible probability,which indicates that the simulated game and the real game are distinguishable.Therefore,the security proof of the scheme can not prove that the scheme is strong and unfalsifiable.Designing a polynomial time algorithm to output the forged signature of the scheme,the challenger cannot use the forged signature to solve the CDH problem.Security analysis results show that the security of the scheme cannot be reduced to the CDH hypothesis,and the conclusion that the security is reduced to the CDH hypothesis is wrong.

Key words: identity-based signature, provable security, hybrid game, strong unforgeability, security analysis

中图分类号: