电子学报 ›› 2018, Vol. 46 ›› Issue (3): 602-606.DOI: 10.3969/j.issn.0372-2112.2018.03.013

• 学术论文 • 上一篇    下一篇

一种强不可伪造无证书签名方案的密码学分析与改进

吴涛, 景晓军   

  1. 北京邮电大学信息与通信工程学院, 北京 100876
  • 收稿日期:2016-09-27 修回日期:2017-05-07 出版日期:2018-03-25
    • 作者简介:
    • 吴涛,男.1984年7月出生,四川省达州市人.2010年于西南交通大学信息科学与技术学院取得密码学硕士学位.2013年进入北京邮电大学信息与通信工程学院,现攻读博士学位,主要从事无线与移动通信技术,保密传输技术方面有关研究.E-mail:wootao@foxmail.com;景晓军,男.现为北京邮电大学信息与通信工程学院教授,博士生导师.1999年获国防科技大学信息与通信系统专业博士学位,主要从事信息融合、图像处理、模式识别方面有关研究.E-mail:jxiaojun@bupt.edu.cn

Cryptanalysis and Improvement of a Certificateless Signature Scheme with Strong Unforgeability

WU Tao, JING Xiao-jun   

  1. School of Information and Communication Engineering, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received:2016-09-27 Revised:2017-05-07 Online:2018-03-25 Published:2018-03-25

摘要: 无证书密码体制是无线网络中一种非常有效安全保护工具.2016年,Hung等人提出了标准模型下一种强不可伪造性的无证书签名方案,该方案声称在抗哈希碰撞问题和计算Diffle-Hellman困难问题假设下是安全不可伪造的.事实上,该方案对类型II敌手是不安全的.本文给出对Hung等的方案的安全性分析,并证明对于类型II敌手可以伪造出合法签名,针对存在问题提出一种改进的无证书签名方案.

关键词: 无证书签名, 双线性对, 安全性分析, 抗哈希碰撞, Diffle-Hellman假设

Abstract: Certificateless cryptographic schemes are very useful secure protection tools in wireless network. Quite recently, a certificateless signature with strong unforgeability in the standard model was presented by Hung, et al. in 2016. Although they demonstrated that their scheme was secure and unforgeable under the collision resistant hash and computational Diffie Hellman assumptions, but we find that it is not secure against type II adversary. In this paper, we give security analysis to their scheme, and show that by giving concrete attack, a type II adversary could forge a legal signature of any message. We also put forward a possible fix of certificateless scheme which can solve secure problem.

Key words: certificateless signature, bilinear pairings, cryptanalysis, collision resistant hash, Diffie-Hellman assumptions

中图分类号: