共查询到19条相似文献,搜索用时 156 毫秒
1.
无证书公钥密码体制结合了基于身份的密码体制和传统PKI公钥密码体制的优势,克服了基于身份的公钥密码体制的密钥托管问题及PKI系统的证书管理问题,具有明显的优势.对Hassouna等提出的一个强安全无证书签名方案进行安全分析.结果表明,该方案不能验证消息的完整性,存在消息篡改攻击,且方案未使用根据系统主密钥生成的私钥进行签名,所以不是无证书签名方案.在此基础上,提出了一个改进的无证书签名方案,在随机预言机模型下,基于椭圆曲线Diffie-Hellman问题假设,证明了该方案可以抵抗第一类强敌手和第二类敌手的攻击,满足存在性不可伪造的安全性. 相似文献
2.
3.
4.
5.
一种高效安全的无证书数字签名方案 总被引:3,自引:0,他引:3
无证书签名体制容易遭受公钥替换攻击,在很多已有的方案中,密钥生成中心(KGC)可假冒合法用户生成"有效"的公私钥对。在Gap Diffie-Hellman(GDH)群中,利用用户公钥和部分私钥"绑定"技术,提出了一种可追踪KGC假冒的无证书签名方案,在随机谕示模型下,给出了该方案的安全性分析。与同类方案相比,该方案具有较高的效率。 相似文献
6.
对一个无证书签名方案进行安全性分析,指出该方案不能抵抗公钥替换攻击和恶意的KGC攻击,即攻击者可以通过替换签名者的公钥来伪造任意消息的签名,恶意的KGC(Key Generation Center)可以获取用户的私钥。分析结果显示该方案不能满足无证书签名方案的安全性要求,同时为了应对这两种攻击,提出了改进的方案。 相似文献
7.
对Xu等提出的无证书签名方案和Fan的无证书代理签名方案进行了安全性分析,指出Xu的签名方案是可以普遍伪造的。而Fan的代理签名方案中,原始签名人在授权过程中泄露了自己的私钥,且该代理签名不能抵抗公钥替换攻击,即任何人(没有代理私钥)只要替换了原始签名人和代理签名人的公钥就可以伪造代理签名人的代理签名。 相似文献
8.
陆空通话标准用语(英语)的语音指令识别技术研究 总被引:1,自引:0,他引:1
Hafizul Islam SK 和 G.P.Biswas最近基于椭圆曲线双线性对提出一个无证书强指定验证者签名方案,并声称该方案在三类敌手攻击模型下是可证明安全的,即第一类只得到系统公开参数和公钥的敌手,第二类可替换签名和验证者公钥的敌手,第三类可得到系统主密钥的敌手。分析该强指定验证者签名方案不能抵抗第三类敌手的攻击,亦即第三类敌手可以伪造有效的签名。针对此缺陷,对该无证书强指定验证者签名方案做了改进,在改进方案中,验证者的秘密私钥(由参与者独立产生的私钥)参与签名的验证计算,因此有效避免了原有方案的安全缺陷。最后对改进方案作了安全性分析,说明改进方案确实能抵抗三类敌手的攻击。 相似文献
9.
10.
11.
《国际计算机数学杂志》2012,89(11):2244-2258
A provably secure certificateless digital signature scheme using elliptic curve cryptography is presented in this paper. Since the certificateless public key cryptosystem removes the complex certificate management procedure and the private key escrow problem of traditional public key cryptography (PKC) and identity-based cryptosystem (IBC), respectively, and as a result, the proposed scheme is more efficient than IBC- and PKC-based signatures. Besides, the bilinear pairing and map-to-point hash function are time-consuming operations, and thus the signatures without these two operations are more attractive in real applications and the present work has been carried out in this direction. Based on the elliptic curve discrete logarithm assumption, it is shown that the proposed scheme is unforgeable under the adaptive chosen message and identity attacks in the random oracle model against variety of adversaries. Finally, our signature scheme is compared with a number of competitive schemes and the satisfactory performance has been achieved. 相似文献
12.
以区块链为底层技术的比特币、Libra等密码货币掀起了数字经济的浪潮.密码货币采用数字签名保证交易的可验证性和完整性,其中签名私钥确保了货币资产的所有权.若签名私钥丢失或被盗,货币资产的安全将受到严重威胁.相比于椭圆曲线数字签名算法ECDSA,基于爱德华曲线的数字签名算法EdDSA具备运算速度更快、密钥与签名空间更小等优势,被用于Libra交易单的签名.但因其是确定性签名,容易遭受差分故障攻击,造成密钥丢失或泄漏.如何抵抗这一种攻击,并设计可证明安全的EdDSA签名是一个挑战.首先定义了抗差分故障攻击的数字签名方案需满足的安全性质,利用差分故障攻击技术对EdDSA签名算法进行了分析,提出了抗差分故障攻击的EdDSA签名方案,并证明了方案满足存在不可伪造性和抗差分故障攻击性;为了降低签名私钥泄漏风险,借助Paillier同态加密技术,设计了抗差分故障攻击的两方协同EdDSA签名方案,并基于通用可组合安全模型(universally composable, UC)证明了方案的安全性;最后,对两方协同ECDSA签名算法与抗差分故障攻击的两方协同EdDSA签名算法计算复杂度分析与算法执行效率测... 相似文献
13.
Certificateless multi-proxy signature 总被引:3,自引:0,他引:3
Multi-proxy signature is a scheme that an original signer authorizes a proxy group as his proxy agent and later only the cooperation of all proxy signers in the proxy group could sign messages on behalf of the original signer. To our best knowledge, most of the existing multi-proxy signature schemes are proposed in public key infrastructure or identity-based setting. However, due to avoiding the inherent escrow problem of identity-based cryptography and yet not requiring certificates to guarantee the authenticity of public keys, certificateless public key cryptography has become an attractive paradigm on which many cryptographical primitives are based. In this paper, a generic construction and a formal security model of certificateless multi-proxy signature (CLMPS) are firstly defined. A concrete CLMPS scheme is also proposed, which is proven to be existentially unforgeable against adaptively chosen warrant attacks and chosen message and identity attacks in the random oracle model under the computational Diffie-Hellman assumption. 相似文献
14.
Zuhua Shao 《Information Sciences》2008,178(10):2360-2373
We propose a new verifiably encrypted signature scheme from pairings by choosing a certificate authority (CA) as an adjudicator. In this scheme, a certificate, or generally, a signature acts not only as the binding of the public key and its holder, but also as CA’s guarantee against partiality in adjudication. Under the CDH assumption and in the random oracle model, we show that the new scheme is EUF-CMA secure in a stronger security model. In this security model, there are three types of inside adversaries with more power than those in previous verifiably encrypted signature schemes. The proposed scheme can solve the authentication problem of public keys and relax excessive reliance on the trustworthiness of the adjudicator so that the adjudicator only needs to be trusted by the signer. Hence, the fair exchange protocols of signatures based on the new scheme is more trustworthy and practical than the previous ones. 相似文献
15.
对郭玲玲等(郭玲玲, 林昌露, 张胜元. 针对一类无证书签名方案的攻击及改进. 计算机工程, 2012, 38(16): 134-137,141)提出的无证书签名方案进行安全性分析,结果表明方案不能抵抗公钥替换攻击。为此,提出了一种改进方案。在随机预言机模型下证明了改进方案对自适应选择消息和身份攻击是存在性不可伪造的,其安全性可归约为计算Diffie-Hellman问题。与其他基于双线性对的无证书签名方案相比,改进方案具有较高的运算效率。 相似文献
16.
17.
Harendra SinghAuthor VitaeGirraj Kumar VermaAuthor Vitae 《Journal of Systems and Software》2012,85(1):209-214
A proxy signature scheme, introduced by Mambo, Usuda and Okamoto, allows an entity to delegate its signing rights to another entity. Identity based public key cryptosystems are a good alternative for a certificate based public key setting, especially when efficient key management and moderate security are required. From inception several ID-based proxy signature schemes have been discussed, but no more attention has been given to proxy signature with message recovery. In this paper, we are proposing provably secure ID-based proxy signature scheme with message recovery and we have proved that our scheme is secure as existential forgery-adaptively chosen message and ID attack. As proposed scheme is efficient in terms of communication overhead and security, it can be a good alternative for certificate based proxy signatures, used in various applications such as wireless e-commerce, mobile agents, mobile communication and distributed shared object systems, etc. 相似文献
18.
标准模型下可证安全的基于身份的高效签名方案 总被引:13,自引:0,他引:13
基于身份的公钥密码体制克服了传统公钥密码体制所带来的公钥证书存储和管理开销问题;目前大多数基于身份的数字签名方案的安全性足基于随机预言模型进行证明,但随机预言机的实现方式可能会导致方案的不安全,如Hash函数,往往返回的结果并小是随机的.文中提出一种安全、高效的基于身份的签名方案,并且在标准模型下证明该方案对自适应选择消息攻击是存在不可伪造的,方案的安全性可规约为CDH困难假定.与现有的标准模型下安全的基于身份的签名方案相比,方案的通信代价更小,执行效率更高. 相似文献