论文部分内容阅读
对一种高效无证书强代理签名方案进行了分析,指出该方案对于公钥替换攻击是不安全的.证明了敌手不仅可以通过替换原始签名者的公钥伪造代理授权,而且可以通过同时替换原始签名者和代理签名者的公钥伪造任意消息的代理签名.针对这2种公钥替换攻击提出了改进方案,使得改进后的方案克服了原方案的安全缺陷,满足了无证书强代理签名方案的安全性要求.
An efficient non-cipher strong proxy signature scheme is analyzed and the scheme is proved to be insecure for public key replacement attacks. It is proved that an adversary can not only forge the proxy authorization by replacing the original signer’s public key, but also can replace the original The proxy signature of the signer and the proxy signer falsifies the proxy signature of any message.Aiming at these two kinds of public key replacement attacks, an improved scheme is proposed, which makes the improved scheme overcome the security flaws of the original scheme and satisfy the certificateless strong proxy signature scheme Security requirements.