摘要：

分析周敏等人提出的一种无证书可验证加密签名方案(计算机科学, 2009年第8期)，指出该方案不能抵抗公钥替换攻击，不满足可验证加密签名的2个基本安全属性：不可伪造性和可提取性。此外，该方案还存在密钥托管问题，不具备无证书公钥密码系统的优点。

关键词: 无证书公钥密码系统, 可验证加密签名, 密钥托管, 公钥替换攻击, 安全性分析

Abstract:

This paper analyzes a certificateless verifiably encrypted signature scheme which is proposed by Zhou Min et al and points out that their scheme can’t resist the public key replacement attack, it does not satisfy two basic security properties of verifiably encrypted signature: unforgeab- ility and extractability. Moreover, their scheme has key escrow issue, so it has not the advantages of certificateless public key cryptosystem.

Key words: certificateless public key cryptosystem, verifiably encrypted signature, key escrow, public key replacement attack, cryptanalysis

中图分类号: 

• TP309.2