摘要
对一种无证书签密方案和一种基于离散对数难题(DLP)的自认证代理签密方案进行了分析。发现在无证书签密方案中,除了Selvi等人(SELVI S S D,VIVEK S S,RANGAN C P.Security weaknesses in two certificatelesssigncryption schemes.http://eprint.iacr.org/2010/092.pdf)提出的一种类型Ⅰ的攻击外,还存在着伪造攻击,该伪造攻击能够成功地伪造签密并使之通过签密验证,并且不具有公开可验证性。在基于DLP的自认证代理签密方案中,由于"孤悬因子"的存在,一个不诚实的接收者能够以任意发送者的身份伪造对消息的签密并通过验证。给出了攻击方法,并针对两种方案的缺陷,提出了改进方案。通过安全性分析,证明了改进方案是安全的,能有效克服原方案的缺陷。
A certificateless signcryption scheme and a self-certified proxy signcryption scheme based on Discrete Logarithm Problem(DLP) were analyzed.It was pointed out that,in this certificateless signcryption scheme,besides the type Ⅰ attack proposed by Selvi et al.(SELVI S S D,VIVEK S S,RANGAN C P.Security weaknesses in two certificateless signcryption schemes.http://eprint.iacr.org/2010/092.pdf),there was another forgery attack which could successfully forge a signcryption passing the verification procedure and did not have public verifiability.In the self-certified proxy signcryption scheme based on Discrete Logarithm Problem(DLP),because of the existence of suspending-factor,any dishonest receiver could forge a signcryption passing the verification procedure.The attack methods and the improvement methods were presented.The experimental results prove that the proposed scheme is secure and effective,and it overcomes the flaw in the original schemes.
出处
《计算机应用》
CSCD
北大核心
2011年第8期2196-2200,共5页
journal of Computer Applications
关键词
签密
无证书
代理签密
双线性映射
离散对数问题
孤悬因子
signcryption
certificateless
proxy signcryption
bilinear mapping
Discrete Logarithm Problem(DLP)
suspending-factor
