本文已被:浏览 1429次 下载 2683次
Received:June 07, 2014 Revised:July 07, 2014
Received:June 07, 2014 Revised:July 07, 2014
中文摘要: 通过对翟正元等人新近提出的基于证书的代理盲签名方案进行了分析, 发现该签名方案并不安全, 至少能够受到两种替换公钥攻击. 攻击者通过替换原始签名的公钥或者替换代理签名者的公钥都能够做到对任意选择的消息成功伪造签名. 另外, 对陈建能等人给出的基于证书聚合签名进行了安全性分析, 指出该签名方案同样能够受到替换公钥攻击. 所给出这些的攻击方法对于基于证书签名的构造具有借鉴意义.
Abstract:A new certificate-based proxy blind signature scheme is analyzed, which is proposed by Di Zhengyuan etc.. However, this scheme is insecure, because it can suffer from at least two types of public key replacement attack. That is, any one can replace the public key of the original singer or the public key of the proxy singer, and then forge a valid proxy signature on any message. In addition, the new certificate-based aggregate signature scheme propose by Chen Jianneng etc., is analyzed. The result showed that their signature scheme also can suffer from the public key replacement attack. Furthermore, the attack method in this paper has valuable reference to the construction of the type of certificate-based proxy signature.
keywords: certificate-based proxy signature blind signature aggregate signature public key replacement attack bilinear pairings
文章编号: 中图分类号: 文献标志码:
基金项目:国家自然科学基金(61373140);福建省教育厅项目(JA12291);莆田学院教改项目(JG2012020)
引用文本:
王海民,张金辉,黄慧.两类新的基于证书签名方案的安全性分析.计算机系统应用,2015,24(2):211-215
WANG Hai-Ming,ZHANG Jin-Hui,HUANG Hui.Cryptanalysis of Two New Certificate-Based Signature Schemes.COMPUTER SYSTEMS APPLICATIONS,2015,24(2):211-215
王海民,张金辉,黄慧.两类新的基于证书签名方案的安全性分析.计算机系统应用,2015,24(2):211-215
WANG Hai-Ming,ZHANG Jin-Hui,HUANG Hui.Cryptanalysis of Two New Certificate-Based Signature Schemes.COMPUTER SYSTEMS APPLICATIONS,2015,24(2):211-215