This paper analyzed the security of blind signature scheme without trusted PKG proposed by Zhou Ping,et al.It showed that the scheme couldn’t resist the forgery attack of the type one adversary AⅠ.The adversary AⅠ could substitute the user’s partial public key and forge a valid blind signature on the arbitrary message.Therefore,this paper proposed an im-proved scheme.In the improved scheme,it added some system parameters in the verification equation,thus effectively proved the validity of the signer’s SID and resisted the public key replacement attack of adversary AⅠ.Analysis result shows that the improved sheme is secure,it can resist the forgery attacks of the adversary AⅠ,AⅡ and AⅢ.%针对周萍等人的无可信 PKG 的盲签名方案详细分析了其安全性,指出方案不能抵抗敌手 AⅠ伪造攻击,敌手 AⅠ可对用户的部分公钥进行替代,生成对任意消息的合法盲签名。为此,提出了相应的改进方案。改进的方案在验证等式中增加了系统参数,有效地证明了签名者拥有合法的 SID ,从而防止了敌手 AⅠ的公钥替代攻击。分析表明,改进的方案是安全的,能抵抗敌手 AⅠ,AⅡ,AⅢ的伪造攻击。
展开▼
