Abstract:
A multi-proxy signature scheme is proposed by Lee et al. However, their scheme is insecure. A forgery attack on their multi-proxy signature scheme is proposed in this paper. Using the forgery attack, a dishonest original signer can forgery a proxy signing key on behalf of all the original signers without their agreements and produce valid multi-proxy signatures, which does harm to the benefits of the proxy signer and other original signers. Four improved proxy key generation algorithms are also proposed to repair the scheme, which can resist effectively the forgery attack of original signers.
Key words:
digital signature,
proxy signature,
multi-proxy signature
摘要: 分析Lee提出的代理多签名方案,给出一种伪造攻击,利用该攻击,一个不诚实的原始签名人在不经过其他原始签名人的同意下,可以成功伪造代理签名密钥,从而可以假冒诚实的代理签名人生成验证有效的代理多签名,威胁到代理签名人和其他原始签名人的合法权益。提出4种改进的代理密钥生成算法来修正Lee的方案,可以有效抵抗恶意原始签名人的伪造攻击。
关键词:
数字签名,
代理签名,
代理多签名
CLC Number:
LIU Wen-hua; NIE Yong-wei; YU Yong. Cryptanalysis and Repair of Multi-proxy Signature Scheme[J]. Computer Engineering, 2009, 35(15): 149-150.
刘文化;聂永卫;禹 勇. 代理多签名方案的密码学分析与修正[J]. 计算机工程, 2009, 35(15): 149-150.