| 一种基于无证书的多方合同签署协议的安全性分析与改进 |
| |
| 引用本文: | 杨小东, 李梅娟, 任宁宁, 田甜, 王彩芬. 一种基于无证书的多方合同签署协议的安全性分析与改进[J]. 电子与信息学报, 2022, 44(10): 3627-3634. doi: 10.11999/JEIT210878 |
| |
| 作者姓名: | 杨小东 李梅娟 任宁宁 田甜 王彩芬 |
| |
| 作者单位: | 1.西北师范大学计算机科学与工程学院 兰州 730070;;2.深圳技术大学大数据与互联网学院 深圳 518118 |
| |
| 基金项目: | 国家自然科学基金(61662069,61562077),中国博士后科学基金(2017M610817),兰州市科技计划项目(2013-4-22),西北师范大学青年教师科研能力提升计划(NWNU-LKQN-14-7) |
| |
| 摘 要: | 2019年,曹等人(doi: 10.11999/JEIT190166)提出了一个适用于多方合同签署环境中高效的无证书聚合签名方案,并证明了该方案在随机预言模型下存在不可伪造性。然而,通过安全性分析发现,该方案无法抵抗替换公钥攻击和内部签名者的联合攻击。为了解决上述安全缺陷,该文提出一个改进的无证书聚合签名方案。新方案不仅在随机预言模型下基于计算性Diffie-Hellman问题满足不可伪造性,同时也能够抵抗联合攻击。
|
| 关 键 词: | 无证书聚合签名 联合攻击 不可伪造性 合同签署 |
| 收稿时间: | 2021-08-26 |
| 修稿时间: | 2022-03-07 |
Security Analysis and Improvement of a Multi-party Contract Signing Protocol Based on Certificateless |
| |
| YANG Xiaodong, LI Meijuan, REN Ningning, TIAN Tian, WANG Caifen. Security Analysis and Improvement of a Multi-party Contract Signing Protocol Based on Certificateless[J]. Journal of Electronics & Information Technology, 2022, 44(10): 3627-3634. doi: 10.11999/JEIT210878 |
| |
| Authors: | YANG Xiaodong LI Meijuan REN Ningning TIAN Tian WANG Caifen |
| |
| Affiliation: | 1. College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China;;2. College of Big Data and Internet, Shenzhen Technology University, Shenzhen 518118, China |
| |
| Abstract: | In 2019, CAO et al. (doi: 10.11999/JEIT190166) proposed an efficient certificateless aggregate signature scheme which is suitable for multi-party contract signing environment. They demonstrated that their scheme is unforgeable under the random oracle model. However, by the security analysis, it is found that their scheme can not resist public key substitution attacks and coalition attacks of internal signers. In order to solve the above security defects, an improved certificateless aggregate signature scheme is proposed. The new scheme not only satisfies the unforgeability based on the computational Diffie-Hellman problem under the random oracle model, but also resists coalition attacks. |
| |
| Keywords: | Certificateless aggregate signature Coalition attack Unforgeability Contract signing |
|
| 点击此处可从《电子与信息学报》浏览原始摘要信息 |
|
点击此处可从《电子与信息学报》下载全文 |
