摘要： 分析了唐文等人提出的一种基于ECC(椭圆曲线密码体制)的组合公钥技术的安全性特点，给出了两种合谋攻击的方法。第1种方法称之为选择合谋攻击，一个用户与其选择的具有某些映射特点的w( 2)个用户合谋，可以得到2w-w-1个不同用户的私钥。第2种方法称之为随机合谋攻击，两个合谋用户首先计算其公钥的差值 和 ，然后在公开的公钥因子矩阵中任意选取组合公钥，通过计算所选取的公钥与两个合谋用户之一的公钥的差值是否等于 或 ，从而达到攻击的目标。

关键词: 公钥密码, 私钥, 椭圆曲线

Abstract: This paper analyzes the security of an elliptic curve cryptography-based combined public key technique due to Tang Wen and some others. Because of some security vulnerabilities of the proposed technique, it gives two kinds of collusion attack methods, and calls the first method as a choice collusion attack. if a customer chooses w customers with some mapping characteristics and colludes them, they will get the 2w-w-1 other customers’ private keys. And it calls the second method a random collusion attack. Two collusive customers first compute their public keys’ difference and , and then they choose public key from public key factor matrix random. Suppose one of the differences between the chosen public key and the two collusive customers’ key is equal to or , the attack succeeds.

Key words: public-key cryptography, private key, elliptic curve

中图分类号: 

• TP309