A security analysis of the identity-based efficient certificateless signature scheme proposed by Xu X Q et al. shows that the scheme cannot resist public key replacement attacks or malicious KGC attacks. An improved scheme is therefore proposed. In its signature verification phase, the improved scheme adds a validity check on the user's public key, which effectively resists public key replacement attacks. Because the partial private key is generated jointly from the user's identity information and public key, the improved scheme also effectively resists malicious KGC attacks.