一种门限代理签名方案的分析与改进

通过对Qian-cao-xue的基于双线性映射的的门限代理签名方案分析,发现该方案并不满足强不可伪造性,任何人包括原始签名人可以伪造一个有效的代理签名,同时该方案也不能抵抗原始签名人改变攻击.在此基础上提出了改进的门限代理签名方案(方案1),改进的方案克服了原方案的安全缺陷.并把矢量空间秘密共享和多重代理签名结合起来,构建了一种更为广泛的基于访问结构的多重代理签名(方案2).门限代理签名方案(方案1)成为方案2的特殊情形.方案2中任何参与者的授权子集能产生多重代理签名,而非参与者不可能产生有效的多重代理签名,接收者可以通过验证方法验证个体代理签名和多重代理签名的合法性,而且能保证任何参与者都能检测出错误的子秘密.能抵御各种可能的攻击.

Cryptanalysis and Improvement of a Threshold Proxy Signature Scheme from Bilinear Pairings

Present a security analysis of the Qian-cao-xues new threshold proxy signature scheme from bilinear pairings,which does not posses the strong unforgeability property,anyone including original signer can forge a valid threshold proxy signature for any message,at the same time,this scheme can't resist original signer changing attack.An improved threshold proxy signature scheme (denoted as scheme one) is proposed,which can resolve the security problem existing in the Qian-cao-xues new threshold proxy signature scheme.Based on scheme one,by combining vector space secret sharing with multi-proxy signature,a new and wider multi-proxy signature (denoted as scheme two) is constructed.Then scheme one becomes the typical representative of scheme two.In scheme two,the multi-proxy signature can be easily produced if an authorized subset of participants pool their secret shares,and it is impossible for them to generate a multi-proxy signature if an unauthorized subset of participants pool their secret shares.The validity of the partial signature and the multi-proxy signature can be verified by means of verification equations.Moreover the suspected forgery can be traced and the malicious participants can be caught.None of the possible attacks can successfully break this scheme.