Cryptanalysis of a Secure and Efficient Identity-Based Signature Scheme
Authors: 禹勇 (Yu Yong), 倪剑兵 (Ni Jianbing), 许春香 (Xu Chunxiang), 牛磊 (Niu Lei)
Funding: National Natural Science Foundation of China (61003232, 61370203, 61250110543); Doctoral Fund of the Ministry of Education of China (20100185120012)
Abstract:

The distinguishing characteristic of identity-based signatures is that verifying a signature requires only the signer's identity and no certificate, which dramatically simplifies key management. In 2006, Paterson and Schuldt gave an identity-based signature scheme that is provably secure in the standard model; unfortunately, it is not computationally efficient. Gu et al. recently proposed an improved scheme to raise the computational efficiency, claiming that it is provably secure in the standard model and more efficient than the known schemes of the same flavor. However, this paper shows that the scheme of Gu et al. does not achieve unforgeability, by demonstrating two concrete attacks: an adversary can forge the private key of an identity, or can directly forge signatures on arbitrary messages. The paper further identifies a flaw in their security proof, namely that the view of the adversary in the security reduction is not independent of the event that the simulation succeeds.

References
[1] Shamir A. Identity-based cryptosystems and signature schemes. In: Blakley GR, Chaum D, eds. Advances in Cryptology—CRYPTO'84. LNCS 196, Berlin: Springer-Verlag, 1985. 47-53. [doi: 10.1007/3-540-39568-7_5]
[2] Boneh D, Franklin M. Identity-based encryption from the Weil pairing. In: Kilian J, ed. Advances in Cryptology—CRYPTO 2001. LNCS 2139, Berlin: Springer-Verlag, 2001. 213-229. [doi: 10.1007/3-540-44647-8_13]
[3] Paterson KG. ID-based signatures from pairings on elliptic curves. Electronics Letters, 2002,38(8):1025-1026. [doi: 10.1049/el:20020682]
[4] Cha JC, Cheon JH. An identity-based signature from gap Diffie-Hellman groups. In: Desmedt YG, ed. Proc. of Public Key Cryptography—PKC 2003. LNCS 2567, Berlin: Springer-Verlag, 2003. 18-30. [doi: 10.1007/3-540-36288-6_2]
[5] Yi X. An identity-based signature scheme from the Weil pairing. IEEE Communications Letters, 2003,7(2):76-78. [doi: 10.1109/LCOMM.2002.808397]
[6] Gu CX, Zhu YF, Pan XY. Forking lemma and the security proofs for a class of ID-based signatures. Ruan Jian Xue Bao/Journal of Software, 2007,18(4):1007-1024 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/18/1007.htm [doi: 10.1360/jos181007]
[7] Ma XL, Gu LZ, Cui W, Yang YX, Hu ZX. ID-based transitive signature schemes without random oracle. Journal on Communications, 2010,31(5):37-43 (in Chinese with English abstract).
[8] Gu K, Jia WJ, Wang SC, Shi LW. Proxy signature in the standard model: Constructing security model and proving security. Ruan Jian Xue Bao/Journal of Software, 2012,23(9):2416-2429 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/4246.htm [doi: 10.3724/SP.J.1001.2012.04246]
[9] Lu L, Hu L. Multi-recipient public key encryption scheme based on Weil pairing. Ruan Jian Xue Bao/Journal of Software, 2008,19(8):2159-2166 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/19/2159.htm [doi: 10.3724/SP.J.1001.2008.02159]
[10] Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols. In: Denning D, Pyle R, Ganesan R, Sandhu R, Ashby V, eds. Proc. of the 1st ACM Conf. on Computer and Communications Security. ACM Press, 1993. 62-73. [doi: 10.1145/168588.168596]
[11] Canetti R, Goldreich O, Halevi S. The random oracle methodology, revisited. Journal of the ACM, 2004,51(4):557-594. [doi: 10.1145/1008731.1008734]
[12] Waters B. Efficient identity-based encryption without random oracles. In: Cramer R, ed. Advances in Cryptology—EUROCRYPT 2005. LNCS 3494, Berlin: Springer-Verlag, 2005. 114-127. [doi: 10.1007/11426639_7]
[13] Paterson KG, Schuldt J. Efficient identity-based signatures secure in the standard model. In: Batten L, Safavi-Naini R, eds. Proc. of ACISP 2006. LNCS 4058, Berlin: Springer-Verlag, 2006. 207-222. [doi: 10.1007/11780656_18]
[14] Gu K, Jia WJ, Jiang CL. Efficient and secure identity-based signature scheme. Ruan Jian Xue Bao/Journal of Software, 2011,22(6):1350-1360 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/4002.htm [doi: 10.3724/SP.J.1001.2011.04002]
[15] Li JG, Jiang PJ. An efficient and provably secure identity-based signature scheme in the standard model. Chinese Journal of Computers, 2009,32(11):2130-2136 (in Chinese with English abstract). [doi: 10.3724/SP.J.1016.2009.02130]
Cite this article:

禹勇 (Yu Y), 倪剑兵 (Ni JB), 许春香 (Xu CX), 牛磊 (Niu L). Cryptanalysis of a secure and efficient identity-based signature scheme. Ruan Jian Xue Bao/Journal of Software, 2014,25(5):1125-1131

Article history
  • Received: 2012-10-28
  • Last revised: 2013-11-26
  • Published online: 2014-05-04