摘要
通过对新近提出的一个无证书聚合签名方案和一个基于证书聚合签名方案进行安全性分析,发现这两类签名方案并不安全,均能够受到KGC攻击。此外,该无证书聚合签名方案还能受到替换公钥攻击。在这些攻击中,攻击者可以对任意选择消息成功伪造签名。最后,分析了存在这些攻击的根本原因,对于这两类聚合签名方案的构造具有借鉴意义。
Through the security analyses on a certificateless aggregate signature scheme and a certificate-based aggregate signature scheme, both are newly proposed, we found that these two aggregate signature schemes are insecure, they can all suffer from KGC attack. Furthermore, the certificateless aggregate signature scheme will also suffer from public key replacement attack as well. In such attacks, the attacker can forge a valid aggregate signature on arbitrarily selected message. Finally, we analysed the primary reason of the existence of these attacks, which is of referential significance to the construction of these two aggregate signature schemes.
出处
《计算机应用与软件》
CSCD
2016年第12期309-312,共4页
Computer Applications and Software
基金
国家自然科学基金项目(61373140)
福建省自然科学基金项目(2015J01662)
莆田学院校内科研项目(2016038)
关键词
无证书
基于证书
聚合签名
替换公钥攻击
KGC攻击
双线性对
Certificateless
Certificate-based
Aggregate signature
Public key replacement attack
KGC attack
Bilinear pairings