• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2014, Vol. 36 ›› Issue (11): 2153-2158.

• 论文 • 上一篇    下一篇

两个标准模型下可证明安全的代理签名方案分析和改进

吴淑坤   

  1. (唐山师范学院计算机科学系,河北 唐山 063000)
  • 收稿日期:2013-02-17 修回日期:2013-07-28 出版日期:2014-11-25 发布日期:2014-11-25

Analysis and improvement of two provable secure
proxy signature schemes in the standard model      

WU Shukun   

  1. (Department of Computer Science,Tangshan Normal University,Tangshan 063000,China)
  • Received:2013-02-17 Revised:2013-07-28 Online:2014-11-25 Published:2014-11-25

摘要:

对最近冀会芳等学者和于义科等学者提出的基于Waters的两个标准模型下可证明安全的代理签名方案进行了安全分析,指出了这两个方案中存在的不足和缺陷,即存在授权伪造,任何人可以伪装成原始签名者向代理签名者发出有效的代理授权证书;存在代理签名伪造,任何人在不知道代理签名密钥的情况下,可伪造代理签名者的签名。提出了一个能克服缺陷的、改进的代理签名方案,并对改进方案的正确性、有效性和安全性进行了详细分析。分析显示,与两个原方案相比,改进的方案具有同样的签名长度、几乎一样的执行效率,但是更加安全。

关键词: 代理签名, 基于身份的密码, 安全分析, 不可伪造性

Abstract:

The security of two provable secure proxy signature schemes based on Waters in the standard mode, which are proposed by Ji et al. and Yu et al. recently,is analyzed,and the two drawbacks of the two schemes are pointed out: delegation forgeability exists so that anyone may disguise as the original signer to issue valid proxy delegation warrants to the proxy signer, and proxy signature forgeability exists so that anyone can forge the signature of the proxy signer without knowing the private key of the proxy signer.An improved proxy signature scheme that can overcome the drawbacks is proposed,and its correctness,efficiency and security are analyzed in detail. The analysis shows that the improved scheme has the same length of signature and almost the same execution efficiency in comparison to the two original schemes,but has higher security.

Key words: proxy signature;identity-based cryptography;security analysis;unforgeability