In mobile code environment, signing private keys are liable to be exposed; visited hosts are susceptible to be attacked by all kinds of vicious mobile codes, therefore a signer often sends remote nodes mobile codes containing an encrypted signature function to complete a signature. The paper first presents a unidirectional split-key scheme for private key protection based on RSA, which is more simple and secure than secret sharing; and then proposes a split-key based signature protocol with encrypted function, which is traceable, undeniable and malignance resistant. Security analysis shows that the protocol can effectively protect the signing private key and complete secure signatures in mobile code environment.
展开▼