| 两种签密方案的安全分析 |
| |
| 引用本文: | 张键红.两种签密方案的安全分析[J].东南大学学报(自然科学版),2007,37(A01):29-33. |
| |
| 作者姓名: | 张键红 |
| |
| 作者单位: | 北方工业大学理学院,北京100041 |
| |
| 基金项目: | 国家自然科学基金资助项目(60703044)、教育部新世纪优秀人才计划资助项目(NCET-06-188)、北京市科技新星计划资助项目(2007B-001). |
| |
| 摘 要: | 通过对一种基于身份的签密方案和一种多接收者的签密方案进行分析,展示出这2种方案是不安全的,尽管这2种方案在文献中被证明在随机预言模型下是安全的,但是它们存在着伪造攻击,在基于身份的签密方案中,一个不诚实的接收者可以伪造任意消息m的签密文,并且一个敌手在挑战阶段可以区分一个挑战密文;在多接收者签密方案中,任意一个接收者能够代表其他接收者伪造一个消息m的签密文,为了克服这2种方案的缺陷,分别通过对s进行约束和改变原方案的哈希值的输入来阻止上面的攻击。
|
| 关 键 词: | 签密 安全分析 伪造 |
| 文章编号: | 1001-0505(2007)增刊(Ⅰ)-0029-05 |
| 收稿时间: | 2007-07-20 |
Security analysis of two signcryption schemes |
| |
| Zhang Jianhong.Security analysis of two signcryption schemes[J].Journal of Southeast University(Natural Science Edition),2007,37(A01):29-33. |
| |
| Authors: | Zhang Jianhong |
| |
| Abstract: | The security of an ID-based signcryption scheme and a multi-recipient signcryption scheme are analyzed. It is shown that these two signcryption schemes are insecure although they were proven to be secure under the random oracle model in existing references. In the ID-based signcryption scheme, any dishonest receiver can forge a signcryption on arbitrary message m, and the adversary can distinguish the challenged ciphertext in the challenge phase. In the multi-recipient signcryption scheme, any receiver can forge a signcryption of message m on behalf of the other receivers. To overcome the flaws of these two schemes, it is suggested to restrict S of signcryption in the first scheme and modify the inputs of hash function in the second scheme to resist the above attacks. |
| |
| Keywords: | signcryption security analysis forgery |
| 本文献已被 维普 等数据库收录! |
