计算机应用 ›› 2011, Vol. 31 ›› Issue (08): 2196-2200.DOI: 10.3724/SP.J.1087.2011.02196

• 信息安全 • 上一篇    下一篇

两种签密方案的密码学分析与改进

范函1,2,张少武2   

  1. 1. 许继昌南通信设备有限公司,河南 许昌 461000
    2. 信息工程大学 电子技术学院,郑州 450004
  • 收稿日期:2011-02-23 修回日期:2011-04-18 发布日期:2011-08-01 出版日期:2011-08-01
  • 通讯作者: 范函
  • 作者简介:范函(1963-),男,河南许昌人,工程师,硕士研究生,主要研究方向:密码学、数字签名;张少武(1964-),男,河南洛阳人,教授,主要研究方向:密码学、信息安全。

Cryptanalysis and improvement of two signcryption schemes

Han FAN1,2,Shao-wu ZHANG2   

  1. 1. XJ Changnan Communications Equipment Company Limited,Xuchang Henan 461000,China 2. Institute of Electronic Technology,Information Engineering University,Zhengzhou Henan 450004,China
  • Received:2011-02-23 Revised:2011-04-18 Online:2011-08-01 Published:2011-08-01
  • Contact: Han FAN

摘要: 对一种无证书签密方案和一种基于离散对数难题(DLP)的自认证代理签密方案进行了分析。发现在无证书签密方案中,除了Selvi等人(SELVI S S D, VIVEK S S, RANGAN C P. Security weaknesses in two certificateless signcryption schemes. http://eprint.iacr.org/2010/092.pdf)提出的一种类型Ⅰ的攻击外,还存在着伪造攻击,该伪造攻击能够成功地伪造签密并使之通过签密验证,并且不具有公开可验证性。在基于DLP的自认证代理签密方案中,由于“孤悬因子”的存在,一个不诚实的接收者能够以任意发送者的身份伪造对消息的签密并通过验证。给出了攻击方法,并针对两种方案的缺陷,提出了改进方案。通过安全性分析,证明了改进方案是安全的,能有效克服原方案的缺陷。

关键词: 签密, 无证书, 代理签密, 双线性映射, 离散对数问题, 孤悬因子

Abstract: A certificateless signcryption scheme and a self-certified proxy signcryption scheme based on Discrete Logarithm Problem (DLP) were analyzed. It was pointed out that, in this certificateless signcryption scheme, besides the type Ⅰ attack proposed by Selvi et al. (SELVI S S D, VIVEK S S, RANGAN C P. Security weaknesses in two certificateless signcryption schemes. http://eprint.iacr.org/2010/092.pdf), there was another forgery attack which could successfully forge a signcryption passing the verification procedure and did not have public verifiability. In the self-certified proxy signcryption scheme based on Discrete Logarithm Problem (DLP), because of the existence of suspending-factor, any dishonest receiver could forge a signcryption passing the verification procedure. The attack methods and the improvement methods were presented. The experimental results prove that the proposed scheme is secure and effective, and it overcomes the flaw in the original schemes.

Key words: signcryption, certificateless, proxy signcryption, bilinear mapping, Discrete Logarithm Problem (DLP), suspending-factor

中图分类号: