三类无证书签名方案的缺陷及改进

Abstract

对最近提出的2个在随机预言模型中可证安全的无证书签名方案和1个在标准模型中可证安全的无证书签名方案进行安全性分析,指出这3个方案不能抵抗替换公钥攻击的安全隐患,在这种攻击下攻击者能够生成新的公钥满足合法签名者生成的合法签名。给出改进措施,有效克服原方案中的设计缺陷。

The security flaws of two provably-secure certificateless signature schemes in the random oracle model and a provably-secure certificateless signature scheme in the standard model are analyzed.It is found that the three schemes are all insecure against public key replacement attack.In this attack,an adversary can generate a new public key satisfying legitimate signatures created by the legitimate signer.In order to avoid these flaws,an improvement measure is proposed,which can resolve the security problems existing in the original schemes.