| 基于身份的可验证加密签名协议的安全性分析 |
| |
| 引用本文: | 张振峰.基于身份的可验证加密签名协议的安全性分析[J].计算机学报,2006,29(9):1688-1693. |
| |
| 作者姓名: | 张振峰 |
| |
| 作者单位: | 中国科学院软件研究所信息安全国家重点实验室,北京,100080 |
| |
| 基金项目: | 国家自然科学基金;国家重点基础研究发展计划(973计划) |
| |
| 摘 要: | 利用Hess的基于身份的数字签名方案,Gu和Zhu提出了一个基于身份的可验证加密签名协议,并认为该协议在随机预言模型下是可证明安全的,从而可以作为基本模块用于构建安全的基于身份的公平交换协议.文章对该协议的安全性进行了深入分析,结果表明该协议存在如下的安全缺陷:恶意的签名者可以很容易地构造出有效的可验证加密签名,但是指定的仲裁者却不能把它转化成签名者的普通签名,因此不能满足可验证加密签名协议的安全需求;而且该协议容易遭受合谋攻击.
|
| 关 键 词: | 基于身份的签名 可验证的加密签名 密码分析 双线性映射 |
| 收稿时间: | 2006-04-05 |
| 修稿时间: | 2006-04-052006-06-16 |
Cryptanalysis of an Identity-Based Verifiably Encrypted Signature Scheme |
| |
| ZHANG Zhen-Feng.Cryptanalysis of an Identity-Based Verifiably Encrypted Signature Scheme[J].Chinese Journal of Computers,2006,29(9):1688-1693. |
| |
| Authors: | ZHANG Zhen-Feng |
| |
| Affiliation: | State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100080 |
| |
| Abstract: | Based on Hess's identitybased signature scheme,Gu and Zhu proposed an identity-based verifiably encrypted signature scheme in CISC 2005.The authors claim that their scheme is provably secure in the random oracle model and can be used as a primitive to construct identity-based optimistic fair exchange protocols.However,this paper shows that their protocol is insecure: A malicious signer can easily generate a valid verifiably encrypted signature,which can not be extracted into an ordinary signature by a designated adjudicator.Moreover,the protocol is also vulnerable to colluding attacks. |
| |
| Keywords: | identity-based signature verifiably encrypted signature cryptanalysis bilinear pairing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
