摘要
对六个签密方案进行了安全性分析,指出它们都存在保密性的安全问题,其中两个方案还存在不可伪造性的安全问题。对每一个安全问题都给出了具体的攻击方法,并使用加密部分绑定发送者、签名部分绑定接收者、验证等式不含明文信息和部分私钥生成时绑定公钥的方法对每一个方案给出了改进措施。对改进后的方案给出了随机预言机模型下的安全性证明。安全分析表明,改进方案是安全的。最后提出了设计签密方案时必须注意的几个问题。
We analyze six signcryption schemes and find confidentiality problem in all of them and unforgeability problem in two of them. Then some concrete attacks are presented for these problems. We improve the six schemes using the following methods: binding the sender in the encryption part, binding the receiver in the signature part, verifying equation without plaintext information and binding public key when producing partial private key. These improved schemes are verified in the random oracle model, and security analysis shows that these improved schemes are secure. Finally we point out that some principles must be paid attention to when designing signcryption schemes.
出处
《计算机工程与科学》
CSCD
北大核心
2016年第11期2246-2253,共8页
Computer Engineering & Science
基金
国家自然科学基金(61462048
61562047)
九江学院校级重点课题(2013ZD02)
关键词
签密
基于身份的签密
无证书签密
公钥替换攻击
双线性对
signcryption
identity-based signcryption
certificateless signcryption
public key replacement attack
bilinear pairing
