Security analysis and improvement of two attribute-based signature schemes

Xiao YANG; Guang-li XIANG; Jiang-hong WEI; Rui-zong SUN

doi:10.11959/j.issn.1000-436x.2016263

您当前的位置：

首页 >

文章列表页 >

Security analysis and improvement of two attribute-based signature schemes

Contents Papers | 更新时间：2024-06-05

- Security analysis and improvement of two attribute-based signature schemes
- Journal on Communications Vol. 37, Issue Z1, Pages: 168-173(2016)
- 作者机构：
  
  1. 武汉理工大学计算机科学与技术学院，湖北武汉 430070
  2. 解放军信息工程大学，河南郑州 450001
  3. 数字工程与先进计算国家重点实验室，河南郑州 450001
- 作者简介：
- 基金信息：
- DOI：10.11959/j.issn.1000-436x.2016263
  CLC： TP309
- Online First：2016-10，
  
  Published：25 October 2016
- 稿件说明：
移动端阅览
Xiao YANG, Guang-li XIANG, Jiang-hong WEI, et al. Security analysis and improvement of two attribute-based signature schemes[J]. Journal on Communications, 2016, 37(Z1): 168-173.
DOI：

Xiao YANG, Guang-li XIANG, Jiang-hong WEI, et al. Security analysis and improvement of two attribute-based signature schemes[J]. Journal on Communications, 2016, 37(Z1): 168-173. DOI： 10.11959/j.issn.1000-436x.2016263.

摘要

为了克服已有属性基签名机制在安全性、效率和签名策略上的缺陷，Ma等和Cao等分别提出了一个单属性机构环境下的门限属性基签名体制和多属性机构环境下签名策略支持属性的与、或、门限操作的属性基签名体制，并在计算性Diffie-Hellman假设下给出了相应体制的安全性证明。通过给出具体的攻击方法，指出这2个属性基签名方案都是不安全的，均不能抵抗伪造攻击，无法在实际中应用。此外，分析了这2个方案不安全的原因，并给出了针对Ma等方案的一种改进措施。

Abstract

In order to overcome the drawbacks of current attribute-based signature (ABS) schemes in terms of security

efficiency and signing policy

et al.and Cao

et al.respectively proposed a threshold ABS with single attribute au-thority and a multi-authority ABS with signing policy supporting AND

threshold gates

and presented the security proof of their schemes under computational Diffie-Hellman assumption.Both schemes were demonstrated have security pitfalls by presenting specified attacks against them.Specifically

their schemes are all vulnerable to forgery attack.Thus

they are not feasible for practical applications.In addition

the cause of the flaws in these ABS schemes are presented

as well as an improvement of Ma et al.'s scheme.

关键词

Keywords

references

SAHAI A , WATERS B . Fuzzy identity-based encryption[C]//Advances in Cryptology-Eurocrypt 2005 . 2005 : 457 - 473 .

OKAMOTO T , TAKASHIMA K . Efficient attribute-based signatures for non-monotone predicates in the standard model [J ] . IEEE Transac-tions on Cloud Computing , 2014 , 2 ( 4 ): 409 - 421 .

CHEN T , LI J , HUANG X , et al . Secure outsourced attribute-based signatures [J ] . IEEE Transactions on Parallel and Distributed Systems , 2014 , 25 ( 12 ): 3285 - 3294 .

WEI J , HUANG X , HU X , et al . Revocable threshold attribute-based signature against signing key exposure[C]//ISPEC 2015 . 2015 : 316 - 330 .

WEI J , HU X , LIU W . Traceable attribute-based signcryption [J ] . Secu-rity and Communication Networks , 2014 , 7 ( 12 ): 2302 - 2317 .

杨晓元，林志强，韩益亮 . 高效的模糊属性基签密方案 [J ] . 通信学报， 2013 , 34 ( Z1 ): 8 - 13 .

YANG X Y , LIN Z Q , HAN Y L . Efficient fuzzy attribute-based sign-cryption scheme [J ] . Journal on Communications , 2013 , 34 ( Z1 ): 8 - 13 .

MAJI H , PRABHAKARAN M , ROSULEK M . Attribute-based sig-natures:achieving attribute-privacy and collusion-resistance [EB/OL ] . http://eprint.i acr.org/2008/328 http://eprint.i acr.org/2008/328 , 2008 .

KUMAR S , AGRAWAL S , BALARAMAN S , et al . Attribute based signatures for bounded multi-level threshold circuits[C]//EuroPKI 2010 . 2011 : 141 - 154 .

LI J , AU M , SUSILO W , XIE D , et al . Attribute-based signature and its applications[C]//The 5th ACM Symposium on Information,Computer and Communications Security-ASIACCS'10 . New York , 2010 : 60 - 69 .

LI J , KIM K . Hidden attribute-based signatures without anonymity revocation [J ] . Information Sciences , 2010 , 180 ( 9 ): 1681 - 1689 .

SHAHANDASHTI S , SAFAVI N . Threshold attribute-based signa-tures and their application to anonymous credential sys-tems[C]//Progress in Cryptology-AFRICACRYPT 2009 . 2009 : 198 - 216 .

MAJI H , PRABHAKARAN M , ROSULEK M . Attribute-based signa-tures[C]//CT-RSA 2011 . 2011 : 376 - 392 .

OKAMOTO T , TAKASHIMA K . Efficient attribute-based signatures for non-monotone predicates in the standard model[C]//Public Key Cryptography-PKC 2011 . 2011 : 35 - 52 .

CAO D , WANG X , WANGT , SU J . An expressive attribute-based signature scheme without random oracles[C]//2011 International Con-ference on Computer Application and System Modeling (ICCASM2011) . 2011 : 560 - 564 .

ESCALA A , HERRANZ J , MORILLO P . Revocable attribute-based signatures with adaptive security in the standard model[C]//Proceed-ings of the 4th International Conference on Progress in Cryptology in Africa (AFRICACRYPT'11) . 2011 : 224 - 241 .

WEI J , LIU W , HU X . Forward-secure threshold attribute-based sig-nature scheme [J ] . The Computer Journal , 2015 , 58 ( 10 ): 2492 - 2506 .

GHADAFI E . Stronger security notions for decentralized traceable attribute-based signatures and more efficient constructions[C]//CT-RSA 2015 . 2015 : 391 - 409 .

马春光，石岚，周长利，等 . 属性基门限签名方案及其安全性研究 [J ] . 电子学报， 2013 , 41 ( 5 ): 1012 - 1015 .

MA C G , SHI L , ZHOU C L , et al . Threshold attribute-based signature and its security [J ] . Acta Electronic Sinica , 2013 , 41 ( 5 ): 1012 - 1015 .

CAO D , ZHAO B , WANG X , et al . Flexible multi-authority attrib-ute-based signature schemes for expressive policy [J ] . Mobile Informa-tion Systems , 2012 , 8 ( 3 ): 255 - 274 .

Views

1338

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

AEUR: authenticated encryption algorithm design based on uBlock round function

Defense-enhanced dynamic heterogeneous redundancy architecture based on executor partition

Provably secure and efficient certificateless sequential multi-signature scheme in random oracle model

Security flaws and improvement to a wireless authentication protocol with anonymity

Related Author

Yatao YANG

Hui DONG

Jiantao LIU

Yanshuo ZHANG

Ting WU

Chengnan HU

Qingnan CHEN

Anbang CHEN

Related Institution

Department of Electronic and Communication Engineering, Beijing Electronic Science and Technology Institute

School of Telecommunication Engineering, Xidian University

School of Cyberspace Security, Hangzhou Dianzi University

Hangzhou Innovation Institute, Beihang University

School of Computer Science and Technology，University of Science and Technology of China

AI问答

⁰