无证书签名方案的分析与改进

针对汤永利等提出的9种无证书签名方案（汤永利，王菲菲，叶青，等.改进的可证明安全无证书签名方案.北京邮电大学学报，2016,39(1):112-116），首先使用线性化方程分析方法，发现所有方案中公钥之间存在线性关系，利用此缺陷完成对所有方案的签名伪造攻击；其次，为打破公钥之间的线性关系，使用改造哈希函数参数的方法改进方案，并在随机预言机模型下证明了改进方案的安全性；然后，提出一种无证书签名方案中的公钥构造格式，通过该格式构造出的签名方案无法被敌手进行公钥替换攻击；最后，通过仿真对改进方案与现有的无证书签名方案进行效率比较。实验结果表明，改进方案在提高安全性的同时未降低计算效率。

Analysis and improvement of certificateless signature scheme

For nine certificateless signature schemes proposed by Y L Tang， et al. （TANG Y L， WANG F F， YE Q， et al. Improved provably secure certificateless signature scheme. Journal of Beijing University of Posts and Telecommunications， 2016， 39（1）： 112-116）， firstly， the linearized equation analysis method was used. It was found that there was a linear relationship between the public keys in all schemes. This defect was exploited to complete a signature forgery attack on all schemes. Secondly， in order to break the linear relationship between the public keys， the method of modifying the parameters of hash function was used to improve the scheme， and the security of the improved scheme was proved under the random oracle model. Thirdly， a public key construction format of certificateless signature scheme was proposed. The signature scheme constructed by this format could not be attacked by adversaries using public key replacement. Finally， the efficiency of the improved scheme was compared with those of the existing certificateless signature schemes through simulation. Experimental results show that the improved scheme promotes the security without reducing the computational efficiency.