摘要
分析了唐文等人提出的一种基于ECC(椭圆曲线密码体制)的组合公钥技术的安全性特点,给出了两种合谋攻击的方法。第1种方法称之为选择合谋攻击,一个用户与其选择的具有某些映射特点的w(≥2)个用户合谋,可以得到2w-w-1个不同用户的私钥。第2种方法称之为随机合谋攻击,两个合谋用户首先计算其公钥的差值?k21和?k12,然后在公开的公钥因子矩阵中任意选取组合公钥,通过计算所选取的公钥与两个合谋用户之一的公钥的差值是否等于△k21或?k12,从而达到攻击的目标。
This paper analyzes the security of an elliptic curve cryptography-based combined public key technique due to Tang Wen and some others. Because of some security vulnerabilities of the proposed technique, it gives two kinds of collusion attack methods, and calls the first method as a choice collusion attack, if a customer chooses w customers with some mapping characteristics and colludes them, they will get the 2^w-w- 1 other customers' private keys. And it calls the second method a random collusion attack. Two collusive customers first compute their public keys' difference △k21 and △k12, and then they choose public key from public key factor matrix random. Suppose one of the differences between the chosen public key and the two collusive customers' key is equal to △k21 or △k12, the attack succeeds.
出处
《计算机工程》
CAS
CSCD
北大核心
2008年第1期156-157,共2页
Computer Engineering
关键词
公钥密码
私钥
椭圆曲线
public-key cryptography
private key
elliptic curve