一个高效的基于身份签名方案的安全性分析  被引量：1

作　　者：杨小东 肖立坤 李雨桐 陈春霖 王彩芬 YANG Xiaodong;XIAO Likun;LI Yutong;CHEN Chunlin;WANG Caifen(College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China;State Key Laboratory of Cryptology,Beijing 100878,China)

机构地区：[1]西北师范大学计算机科学与工程学院,兰州730070 [2]密码科学技术国家重点实验室,北京100878

出　　处：《计算机工程》2018年第11期115-118,共4页Computer Engineering

基　　金：国家自然科学基金(61662069;61562077);中国博士后科学基金(2017M610817);甘肃省科技计划项目(1506RJZA130);兰州市科技计划项目(2013-4-22);西北师范大学青年教师科研能力提升计划项目(NWNU-LKQN-14-7)

摘　　要：黄一才等人(密码学报,2017年第5期)提出一个高效的基于身份签名方案,并采用混合游戏的方法在标准模型中证明该签名方案是强不可伪造,其安全性依赖于CDH假设。但是方案的安全性证明存在严重的安全缺陷。为分析该方案的安全性,构造一个多项式时间区分算法,以不可忽略的概率区分模拟签名与真实签名的概率分布,表明模拟游戏和真实游戏是可区分的,从而说明黄一才方案不能正确地证明该方案是强不可伪造的。设计一个多项式时间算法输出该方案的伪造签名,挑战者无法利用伪造的签名求解CDH问题。安全性分析结果表明,该方案的安全性并不能归约到CDH假设,将其安全性归约到CDH假设的结论是错误的。HUANG Yicai et al(Journal of Cryptologic Research,No.5,2017)proposes an efficient identity-based signature scheme,which uses a hybrid game approach to prove that the scheme is strongly unforgeable in a standard model,and its security depends on the Computational Diffie-Hellman(CDH)hypothesis.However,the security of the scheme proves that there are serious security flaws.In order to analyze the security of the scheme,a polynomial-time disting uish algorithm is constructed to distinguish the probability distribution of simulated signatures from that of real signatures with a non-negligible probability,which indicates that the simulated game and the real game are distinguishable.Therefore,the security proof of the scheme can not prove that the scheme is strong and unfalsifiable.Designing a polynomial time algorithm to output the forged signature of the scheme,the challenger cannot use the forged signature to solve the CDH problem.Security analysis results show that the security of the scheme cannot be reduced to the CDH hypothesis,and the conclusion that the security is reduced to the CDH hypothesis is wrong.

关 键 词：基于身份签名 可证明安全 混合游戏 强不可伪造 安全性分析 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]