There were several interactive authentication schemes for Virtual Enterprise (VE), but none of them could regularly update, and some couldnˊt trace the membersˊ identities, some couldnˊt resist conspiracy attacks, so their safety were low. Based on (t, n) threshold secret sharing, a regular updatable conspiracy attack immune interactive authentication scheme for VE with identity traceability and partial signatures verifiability was proposed, and its security analysis had been done. In the new scheme, all of the group members generate together the groupˊs private key and at least t members can generate certificate, members are allowed to join or leave without changing the groupˊs private key which reduces the implementation cost, the conspiracy attack immune property was obtained by introducing signersˊ inherent public keys and private keys, and the traceability was realized by constructing identity tracking table and effective identity tracking protocol, meanwhile the new scheme could verify partial signaturesˊcorrectness which can prevent the signers dishonesty.%现有虚拟企业信任认证方案都没有定期更新功能,且有些不具备身份可追查性,有些不能抵抗合谋攻击,安全性较差。为此,在(t,n)门限秘密共享的基础上提出了一个可定期更新、身份可追查、抗合谋攻击、部分签名可验证的安全性更高的虚拟企业动态认证方案,进行了安全性分析。方案无需可信中心,由群内所有成员共同生成群私钥;可以动态增减成员而无需改变群私钥,减小了方案实施的代价;引入成员的固有公私钥对,实现了抗合谋攻击;通过构建身份追查表、y值吊销表及有效的身份追查协议,实现了签名成员身份的可追查性;方案还能对部分签名进行验证,防止签名成员的不诚实行为。
展开▼
