【摘要】 对Hafizul等提出的无证书强指定验证者签名方案进行安全分析,指出该方案不能抵抗授权攻击和恶意但被动的KGC(Key Generation Center)的普遍伪造攻击。同时也指出了另外一个缺陷,即不仅指定验证者的私钥可以验证签名,而且签名者的私钥也可以验证签名。提出改进的方案,改进方案克服了原方案的安全缺陷,提高了系统的安全性。更多还原

【Abstract】 We make the security analysis on the certificateless strong designated verifier signature scheme proposed by Hafizul et al.,and point out that the scheme can’t resist to the delegatability attack and to universal forgeability attack by malicious-but-passive KGC( key generation centre). Moreover,we point out another bug,that is,the signature can be verified not only with the designated verifier’s secret key but also with the signer’s secret key. The improved scheme is proposed,it overcomes the security flaws of original scheme and enhances the security of the system.更多还原