两种群签名方案的安全性分析
Security Cryptanalysis of Two Group Signature Schemes
-
摘要: 群签名允许群成员以匿名的方式代表整个群体对消息进行签名。而且,一旦发生争议,群管理员可以识别出签名者。该文对Posescu(2000)群签名方案和Wang-Fu(2003)群签名方案进行了安全性分析,分别给出一种通用伪造攻击方法,使得任何人可以对任意消息产生有效群签名,而群权威无法追踪到签名伪造者。因此这两个方案都是不安全的。
-
关键词:
- 群签名; 伪造攻击; 不关联性
Abstract: Group signature schemes allow a group member to anonymously sign on groups behalf. Moreover, in case of anonymity misuse.a group manager can recover the issuer of a signature. This paper analyzes the security of two group signature schemes recently proposed respectively by Posescu (2000) and Wang Xiaoming (2003), and shows that both schemes are universally forgeable, that is, anyone (not necessarily a group member) is able to produce a valid group signature on an arbitrary message, which cannot be traced by the group manager. So both schemes are insecure. -
Chaum D, van Heijst. Group signatures. In Advances in Cryptology-EUROCRYPT91, LNCS 547, Springer-Verlag,1991:257 - 265.[2]Tseng Yuh-Min, Jan Jinn-Ke. A novel ID-based group signature.In T. L. Hwang and A. K. Lenstra, editors, 1998 International Computer Symposium, Workshop on Cryptology and Information Security, Tainan, December 17 - 19, 1998:159 - 164.[3]Lee Wei-Bin, Chang Chin-Chen. Efficient group signature scheme based on the discrete logarithm[J].IEE Proc. Comput. Digit.Tech.1998, 145(1):15-[4]Tseng Yuh-Min, Jan Jinn-Ke. Improved group signature scheme based on discrete logarithm problem[J].Electronics Letters.1999,35(1):37-[5]Popescu C. A modification of the Tseng-Jan group signature scheme. Studia Universitatis Babes-Bolyai Informatica, 2000,XLV(2): 36 - 40.[6]王晓明,符方伟.一个安全的群签名方案[J].电子与信息学报.2003,25(5):657-663浏览 -
点击查看大图
计量
- 文章访问数: 2236
- HTML全文浏览量: 88
- PDF下载量: 777
- 被引次数: 0
下载:
