最近,一种基于双认证中心的隐藏签名认证方案(SMA)被提出来,解决了ID-PKA的密钥托管问题.但是,经过分析,首次指出了SMA方案存在重要安全缺陷,并提出签名控制攻击策略.针对这一缺陷,引入新的隐藏签名机制,并通过在用户签名中增加随机认证参数改进了SMA方案.定义了一类更强的敌手模型,并分析了改进方案的有效性、安全性和计算性能.分析结果表明,改进方案的计算性能略优于原方案.同时,新方案实现了抗密钥托管特性,且在强敌手模型下是可证明安全和有效的.%Recently,proposed a two-KGC-based signature-masked authentication scheme(SMA), which solved the key escrow issue of ID-PKA. But there was a key fault, called signature control attack and disclosed firstly, in the SMA. Aiming at remedy this fault, this paper improved the SMA protocol by a new masked signature scheme that a random number was embedded into the user's signature. Furthermore,defined a type of strongestrongr adversary,and analyzed the effectiveness, security and performance of the new authentication scheme. The results show that the computing cost of improved scheme is lower than the SMA. Meanwhile, the new scheme achieves anti-key escrow, and is secure and effective under our adversary model.
展开▼
