计算机应用 ›› 2010, Vol. 30 ›› Issue (2): 510-512.

• 信息安全 • 上一篇    下一篇

没有双线性对的无证书签名方案的分析与改进

陈江山1,黄振杰2   

  1. 1. 福建省漳州师范学院数学与信息科学系
    2.
  • 收稿日期:2009-08-09 修回日期:2009-09-24 发布日期:2010-02-10 出版日期:2010-02-01
  • 通讯作者: 陈江山
  • 基金资助:
    福建省自然科学基金项目;福建省属高校科研专项

On the security of certificateless signature scheme without pairing

  • Received:2009-08-09 Revised:2009-09-24 Online:2010-02-10 Published:2010-02-01

摘要: 无证书公钥密码体制不需要证书对公钥进行认证,同时也克服了基于身份密码体制中存在的密钥托管问题。通过对一个没有双线性对的无证书签名方案进行了安全性分析,指出其对KGC攻击是不安全的。然后,对原方案进行了改进,改进后的方案同样没有对运算。改进方案的安全性基于离散对数困难问题。

关键词: 无证书签名, 密码学分析, 离散对数问题, 随机预言机模型, 存在性不可伪造

Abstract: Certificateless public key cryptology does not need certificates to verify the validity of public key, and overcomes the key escrow problem in ID-based public key cryptology. By analyzing the security of a certificateless signature scheme without pairing, it was pointed out that the scheme is insecure against a malicious Key Generating Centre (KGC) attack. Then, an improved scheme was proposed, whose security was based on the Discrete Logarithm Problem (DLP).

Key words: certificateless signature, cryptanalysis, Discrete Logarithm Problem (DLP), random oracle model, existential unforgeability