摘要: 分析明洋等提出的无证书签名方案(电子科技大学学报,2008年第37卷第2期),指出该方案不能抵抗公钥替换攻击。采用“绑定”公钥到哈希函数的方法对明方案进行改进,改进方案可以抵抗公钥替换攻击并具有较高的效率,其安全性依赖于q-SDH困难问题和扩展逆计算Diffie-Hellman困难问题。在随机预言机模型下,证明改进方案能够抵抗适应性选择消息攻击下的存在性伪造。
关键词:
无证书签名,
公钥替换攻击,
q-SDH问题,
扩展逆计算Diffie-Hellman问题
Abstract: This paper shows that Ming’s Certificateless Signature(CLS) scheme(Journal of University of Electronic Science and Technology, volume 37, No.2) is insecure against key replacement attacks. The scheme is improved by binding technology. The improved scheme is secure against public key replacement attack and is more efficient than Ming’s scheme. Its security relies on the hardness of the q-Strong Diffie-Hellman(q-SDH) problem and Extend-Inverse-Computational Diffie-Hellman(E-Inv-CDH) problem. Under the random oracle model, the improved scheme is proved to be secure against existential forgery on adaptively chosen message attacks.
Key words:
Certificateless Signature(CLS),
public key substitution attack,
q-Strong Diffie-Hellman(q-SDH) problem,
Extend-Inverse- Computational Diffie-Hellman(E-Inv-CDH) problem
中图分类号:
张玉磊, 王彩芬, 张永洁, 韩亚宁, 程文华. 无证书签名改进方案的安全性证明[J]. 计算机工程, 2010, 36(12): 170-172.
ZHANG Yu-Lei, WANG Cai-Fen, ZHANG Yong-Ji, HAN E-Ning, CHENG Wen-Hua. Security Proof of Improved Certificateless Signature Scheme[J]. Computer Engineering, 2010, 36(12): 170-172.