无证书部分盲签名的密码分析与改进

IET Inf. Secur. Pub Date : 2015-10-12 DOI:10.1049/iet-ifs.2014.0293

Lin Cheng, Q. Wen

{"title":"无证书部分盲签名的密码分析与改进","authors":"Lin Cheng, Q. Wen","doi":"10.1049/iet-ifs.2014.0293","DOIUrl":null,"url":null,"abstract":"Partially blind signature is an important technique in secure electronic cash (e-cash) system. The first concrete certificateless partially blind signature (CLPBS) scheme for e-cash was constructed in 2011. Recently it was found that this construction had a security weakness and a rescued scheme was given. Unfortunately, the formal security proof was not given. In this study, the authors first give cryptanalysis of their rescued scheme. They demonstrate that a malicious user in their rescued scheme can forge a signature on any message by replacing the signer's public key. In an e-cash system, blind signatures issued by the bank are viewed as e-cash. Once they apply their scheme to an untraceable e-cash system, a malicious user can forge valid electronic coins (i.e. valid signatures) without being detected by the bank. It will result in loss of the bank. Then, they propose a newly improved CLPBS scheme which achieves the strongest security level and has higher computational efficiency than the rescued scheme published earlier. Finally, they give an example of potential application to e-cash systems using their scheme.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Cryptanalysis and improvement of a certificateless partially blind signature\",\"authors\":\"Lin Cheng, Q. Wen\",\"doi\":\"10.1049/iet-ifs.2014.0293\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Partially blind signature is an important technique in secure electronic cash (e-cash) system. The first concrete certificateless partially blind signature (CLPBS) scheme for e-cash was constructed in 2011. Recently it was found that this construction had a security weakness and a rescued scheme was given. Unfortunately, the formal security proof was not given. In this study, the authors first give cryptanalysis of their rescued scheme. They demonstrate that a malicious user in their rescued scheme can forge a signature on any message by replacing the signer's public key. In an e-cash system, blind signatures issued by the bank are viewed as e-cash. Once they apply their scheme to an untraceable e-cash system, a malicious user can forge valid electronic coins (i.e. valid signatures) without being detected by the bank. It will result in loss of the bank. Then, they propose a newly improved CLPBS scheme which achieves the strongest security level and has higher computational efficiency than the rescued scheme published earlier. Finally, they give an example of potential application to e-cash systems using their scheme.\",\"PeriodicalId\":13305,\"journal\":{\"name\":\"IET Inf. Secur.\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-10-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Inf. Secur.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1049/iet-ifs.2014.0293\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1049/iet-ifs.2014.0293","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

部分盲签名是安全电子现金系统中的一项重要技术。第一个具体的电子现金无证书部分盲签名(CLPBS)方案于2011年构建。最近发现该结构存在安全漏洞，并给出了一种拯救方案。不幸的是，没有提供正式的安全证明。在这项研究中，作者首先给出了他们的拯救方案的密码分析。他们证明，在他们拯救的方案中，恶意用户可以通过替换签名者的公钥来伪造任何消息上的签名。在电子现金系统中，银行发出的盲目签名被视为电子现金。一旦他们将其方案应用于无法追踪的电子现金系统，恶意用户就可以伪造有效的电子硬币(即有效签名)而不会被银行发现。这将导致银行的损失。然后，他们提出了一种新的改进的CLPBS方案，该方案达到了最强的安全级别，并且比先前发布的获救方案具有更高的计算效率。最后，他们给出了一个使用他们的方案在电子现金系统中潜在应用的例子。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Cryptanalysis and improvement of a certificateless partially blind signature

Partially blind signature is an important technique in secure electronic cash (e-cash) system. The first concrete certificateless partially blind signature (CLPBS) scheme for e-cash was constructed in 2011. Recently it was found that this construction had a security weakness and a rescued scheme was given. Unfortunately, the formal security proof was not given. In this study, the authors first give cryptanalysis of their rescued scheme. They demonstrate that a malicious user in their rescued scheme can forge a signature on any message by replacing the signer's public key. In an e-cash system, blind signatures issued by the bank are viewed as e-cash. Once they apply their scheme to an untraceable e-cash system, a malicious user can forge valid electronic coins (i.e. valid signatures) without being detected by the bank. It will result in loss of the bank. Then, they propose a newly improved CLPBS scheme which achieves the strongest security level and has higher computational efficiency than the rescued scheme published earlier. Finally, they give an example of potential application to e-cash systems using their scheme.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IET Inf. Secur.

自引率

0.00%

发文量

期刊最新文献

Revisit Two Memoryless State-Recovery Cryptanalysis Methods on A5/1 Improved Lattice-Based Mix-Nets for Electronic Voting Adaptive and survivable trust management for Internet of Things systems Comment on 'Targeted Ciphers for Format-Preserving Encryption' from Selected Areas in Cryptography 2018 Time-specific encrypted range query with minimum leakage disclosure