中文摘要：

基于证书的密码体制结合了基于公钥基础设施的密码体制和基于身份的密码体制的优点，既简化了公钥的管理又不存在密钥托管问题，对一个无双线性对的基于证书的签名方案进行了密码学分析，指出该方案存在类型II攻击者的伪造性攻击和其证明中的不当之处，并用散列函数绑定随机数的方法对其进行了改进．改进方案在离散对数是困难问题的假设下，在最强的安全模型中被证明是安全的．由于不需要耗时的双线性对运算，新方案效率较高，适合于无线传感器网络等能量受限的系统使用．

英文摘要：

Certificate-based cryptosystem combines the merits of public key infrastructure （PKI）-based cryptosystem and identity-based cryptosystem, which can not only simplify the public key management, but also avoid the key escrow problem. A certificate-based signature scheme without pairing is analyzed, and shown to be forgeable by a type II attacker. In the proof, there exists a security flaw, which is im- proved by means of binding random number to hash function. The improved scheme is proven to be un- forgeab]e in the strongest security model of certificate-based signature scheme under discrete logarithm as- sumption. Without any time-consuming bilinear pairing operations, it shows efficient and applicable to power-constrained devices, such as wireless sensor networks.