摘要： 证明Lu Rongbo等人的代理签名方案(Proc. of the 8th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, 2007)不能抵抗替换公钥攻击和恶意但被动的密钥生成中心(KGC)攻击，普通攻击者可通过替换公钥伪造出有效的代理签名，KGC通过恶意但被动的KGC攻击可获得用户的私钥，从而能任意伪造出有效的代理签名。针对替换公钥攻击和KGC攻击，提出一个改进方案，新方案满足代理签名的安全性要求，能有效抵抗替换公钥攻击和恶意但被动的KGC攻击。

关键词: 无证书公钥密码体制, 代理签名, 双线性对

Abstract: This paper shows that Lu’s proxy signature is insecure against a key replacement attack and malicious-but-passive(KGC) attack. The attack shows that anyone who replaces both the original signer and the proxy signer’s public key can forge valid signatures which seems to be generated by the proxy signer on behalf of this adversary himself, and KGC who can’t replace the public key can get the signers’ private keys and forge valid signatures. To thwart these attacks, this paper improves the scheme. The improved scheme is secure against the key replcement attack and the malicious-but-passive KGC attack.

Key words: ceritficateless public key cryptography, proxy signature, bilinear pairing

中图分类号: 

• TP309.2