网络与信息安全学报 ›› 2020, Vol. 6 ›› Issue (3): 108-112.doi: 10.11959/j.issn.2096-109x.2020039

• 学术论文 • 上一篇    下一篇

几个无证书签名方案的伪造攻击

王菁1,李祖猛2   

  1. 1 广州市信息工程职业学校基础部,广东 广州 510640
    2 广东科学技术职业学院计算机工程技术学院(人工智能学院),广东 珠海 519090
  • 修回日期:2019-07-29 出版日期:2020-06-01 发布日期:2020-07-01
  • 作者简介:王菁(1983- ),女,山西运城人,硕士,主要研究方向为最优化理论与方法、网络算法及其在通信网中的应用|李祖猛(1984- ),男,山东临清人,硕士,主要研究方向为密码学与信息安全

Forgery attacks on several certificateless signature schemes

Jing WANG1,Zumeng LI2   

  1. 1 Foundation Department,Guangzhou Information Engineering Vocational School,Guangzhou 510640,China
    2 Computer Engineering Technical College(Artificial Intelligence College),Guangdong Polytechnic of Science and Technology,Zhuhai 519090,China
  • Revised:2019-07-29 Online:2020-06-01 Published:2020-07-01

摘要:

自2003年Al-Riyami和Paterson首次提出无证书公钥密码体制的概念和第一个无证书签名方案以来,许多无证书签名方案相继被提出。汤永利等提出了9个无双线性对运算的无证书签名方案,并声称这些无证书签名方案在椭圆曲线离散对数困难性假设下可证明是安全的。通过对这些无证书签名方案进行安全性分析后,发现其中的5个可证明安全的无证书签名方案不能抵抗替换公钥攻击,并且这5个无证书签名方案中的3 个签名方案即使在不替换用户公钥的情况下,攻击者也可以利用用户的原始公钥对任意消息伪造出有效的签名。给出了具体的伪造攻击方法,证明了这5个无证书签名方案是不安全的。

关键词: 无证书签名, 椭圆曲线, 离散对数, 公钥替换攻击

Abstract:

Since Al-Riyami and Paterson proposed the novel concept of certificateless cryptography and the first certificateless signature scheme in 2003,a lot of certificateless signature schemes were proposed one after another.Recently,Tang et al proposed nine certificateless signature schemes without bilinear pairing.Although they demonstrated that their schemes were unforgeable under the assumption of elliptic curve discrete logarithmic problem,it can be found that five of their schemes could not resist the public key substitution attack,the attacker could use the user's original public key to forge a valid signature for three of these schemes.The attack methods are to demonstrate that prove five certificateless signature schemes are insecure.

Key words: certificateless signature, elliptic curve, discrete logarithm problem, public key replacement attack

中图分类号: 

No Suggested Reading articles found!