摘要
针对周萍等人的无可信PKG的盲签名方案详细分析了其安全性,指出方案不能抵抗敌手AⅠ伪造攻击,敌手AⅠ可对用户的部分公钥进行替代,生成对任意消息的合法盲签名。为此,提出了相应的改进方案。改进的方案在验证等式中增加了系统参数,有效地证明了签名者拥有合法的SID,从而防止了敌手AⅠ的公钥替代攻击。分析表明,改进的方案是安全的,能抵抗敌手AⅠ,AⅡ,AⅢ的伪造攻击。
This paper analyzed the security of blind signature scheme without trusted PKG proposed by Zhou Ping,et al. It showed that the scheme couldn't resist the forgery attack of the type one adversary AⅠ. The adversary AⅠcould substitute the user's partial public key and forge a valid blind signature on the arbitrary message. Therefore,this paper proposed an improved scheme. In the improved scheme,it added some system parameters in the verification equation,thus effectively proved the validity of the signer's SIDand resisted the public key replacement attack of adversary AⅠ. Analysis result shows that the improved sheme is secure,it can resist the forgery attacks of the adversary AⅠ,AⅡand AⅢ.
出处
《计算机应用研究》
CSCD
北大核心
2016年第3期873-875,890,共4页
Application Research of Computers
基金
国家自然科学基金资助项目(U1433130)
四川省重点基金资助项目(SZD0802-09-1)
西华大学重点实验室开放研究基金资助项目(S2jj2012-029)