两个无证书聚合签名方案的安全性分析

罗敏; 孙腾; 张静茵; 李莉

doi:10.11999/JEIT151350

两个无证书聚合签名方案的安全性分析

doi: 10.11999/JEIT151350

1.
(武汉大学计算机学院武汉 430072) ②(武汉大学国际软件学院武汉 430072)

基金项目:

国家自然科学基金(61402339)

计量
- 文章访问数: 1472
- HTML全文浏览量: 161
- PDF下载量: 376
- 被引次数: 0
出版历程
- 收稿日期: 2015-12-01
- 修回日期: 2016-05-27
- 刊出日期: 2016-10-19

Security Analysis on Two Certificateless Aggregate Signature Schemes

1.
(Computer School, Wuhan University, Wuhan 430072, China)
2.
(International School of Software, Wuhan University, Wuhan 430072, China)

Funds:

The National Natural Science Foundation of China (61402339)

摘要

摘要: 张玉磊等人(2015)提出了两种无证书聚合签名方案，并证明其方案在随机预言机模型下是可证明安全的。该文分析张玉磊等人提出的两种方案的安全性，指出了第1种方案可以抵抗两类攻击者的攻击；第2种方案不能抵抗第1类攻击者和第2类攻击者的攻击，给出详细的攻击过程，证明攻击者伪造出的签名可以通过验证，分析了第2种方案存在伪造攻击的原因，提出了改进的方案。
- 公钥密码体制 /
- 无证书聚合签名 /
- KGC被动攻击 /
- 计算性Diffie-Hellman问题 /
- 签名伪造
Abstract: Zhang et al. (2015) proposed two certificateless aggregate signature schemes, and they demonstrated that both of their schemes are provably secure in the random oracle model. This paper analyzes the security of two schemes proposed by Zhang et al. and indicates that the first scheme can resist the attacks by Type 1 and Type 2 adversaries, and the second scheme can not resist the attacks by Type 1 and Type 2 adversaries. The study shows the processes of concrete forgery attacks, and proves the validity of the forged signature by attackers. The reasons of forgery attacks in the second scheme are analyzed, and the modified scheme is proposed.
- Public key cryptography /
- Certificateless aggregate signature /
- KGC passive attack /
- Computational Diffie-Hellman problem /
- Signature forgery

HTML全文

参考文献(19)

DIFFIE W and HELLMAN M E. New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976, 22(6): 644-654.

SHAMIR A. Identity-based cryptosystems and signature schemes[C]. Advances in Cryptology-CRYPTO84, Berlin, Springer-Verlag, 1984: 47-53.

王竹, 戴一齐, 顺顶锋. 普适安全的基于身份的签名机制. 电子学报, 2011, 39(7): 1613-1617.

WANG Zhu, DAI Yiqi, and YE Dingfeng. Universally composable identity-based signature[J]. Acta Electronica Sinica, 2011, 39(7): 1613-1617.

DU Hongzhen and WEN Qiaoyan. An efficient identity-based short signature scheme from bilinear pairings[C]. IEEE Computer Society, Washington D.C., USA: 2007: 725-729.

AL-RIYAMI S S and PATERSON K G. Certificateless public key cryptography[C]. Advances in Cryptology- ASIACRYPT03, Berlin, Springer-Verlag, 2003: 452-473.

ZHANG Lei, WU Qianhong, JOSEP D F, et al. Signatures in hierarchical certificateless cryptography: Efficient constructions and provable security[J]. Infomation Sciences, 2014, 272(10): 223-237. doi: 10.1016/j.ins.2014.02.085.

CHEN Hu, ZHU Changjie, and SONG Rushun. Efficient certificateless signature and group signature schemes[J]. Journal of Computer Research and Development, 2010, 47(2): 231-237.

BONEN D, GENTRY C, LYNN B, et al. Aggregate and verifiably encrypted signatures from bilinear maps[C]. Advances in Cryptology-EUROCRYPT03, Berlin, Springer- Verlag, 2003: 416-432. doi: 10.1007/3-540-39200-9_26.

LYSYANSKAYA A, MICALI S, REYZIN L, et al. Sequential aggregate signatures from trapdoor permutations[C]. Advances in Cryptology-EUROCRYPT04, Berlin, Springer- Verlag, 2004: 74-90. doi: 10.1007/978-3-540-24676-3_5.

GONG Zheng, LONG Yu, HONG Xuan, et al. Two certificateless aggregate signatures from bilinear maps[C]. Proceedings of the IEEE SNPD07, Qingdao, China: 2007, 3: 188-193. doi: 10.1109/SNPD.2007.132.

ZHANG Lei and ZHANG Futai. A new certificateless aggregate signature scheme[J]. Computer Communications, 2009, 32(6): 1079-1085. doi: 10.1016/j.comcom.2008.12.042.

YU Xiuying and HE Dake. New certificateless aggregate signature scheme[J]. Application Research of Computers, 2014, 31(8): 2485-2487.

XIONG Hu, GUAN Zhi, CHEN Zhong, et al. An efficient certificateless aggregate signature with constant pairing computations[J]. Information Sciences, 2013, 219: 225-235. doi: 10.1016/j.ins.2012.07.004.

HE Debiao, TIAN Miaomiao, and CHEN Jianhua. Insecurity of an efficient certificateless aggregate signature with constant pairing computations[J]. Information Sciences, 2014, 268: 458-462. doi: 10.1016/j.ins.2013.09.032.

明洋, 赵祥模, 王育民. 无证书聚合签名方案[J]. 电子科技大学学报, 2014, 43(2): 188-193. doi: 10.3969/j.issn.1001-0548. 2014.02.005.

MING Yang, ZHAO Xiangmo, and WANG Yumin. Certificateless aggregate signature scheme[J]. Journal of University of Electronic Science and Technology of China, 2014, 43(2): 188-193. doi: 10.3969/j.issn.1001-0548.2014.02. 005.

张玉磊, 李臣意, 王彩芬, 等. 无证书聚合签名方案的安全性分析和改进[J]. 电子与信息学报, 2015, 37(8): 1994-1999. doi: 10.11999/JEIT141635.

ZHANG Yulei, LI Chenyi, WANG Caifen, et al. Security analysis and improvements of certificateless aggregate signature schemes[J]. Journal of Electronics Information Technology, 2015, 37(8): 1994-1999. doi: 10.11999/ JEIT141635.

施引文献

资源附件(0)

访问统计