随着基于公钥密码体制的数字签名技术的发展,密钥管理问题成为数字签名技术能否广泛应用的关键所在,简化密钥管理成为数字签名技术发展的新方向。因此,基于身份的数字签名被提出,它简化了密钥管理工作,具有签名长度短的优点。之后,密码学界将双线性映射应用于基于身份的数字签名,它有效简化了证书密钥管理和密钥分发问题。随后,各种基于身份的数字签名的变种方案被提出,如基于身份的代理签名、基于身份的盲签名、基于身份的环签名和基于身份的门限签名等。文章主要内容为基于身份的代理签名。文章通过对王泽成等人的基于身份的代理签名方案进行分析,展示出这种方案是不安全的,尽管这种方案在随机预言机模型下被证明是安全的。此外,该方案不满足不可伪造性,原始授权人能够伪造一个合法有效的代理签名,代理人也可以滥用其代理签名权利。文章在此基础上提出了改进方案,新方案克服了原方案的安全缺陷,也满足了代理签名的各种安全性要求。
With the development of digital signatures based on public key cryptography, key management issue decides whether digital signature technology can be widely used or not, simpliifng key management becomes the new development direction of digital signature. Thus, Identity-based digital signature is proposed, which simplifies the work of key management, with the advantage of a short signature. After that, the bilinear mapping is applied to identity-based digital signature in cryptographic ifled, which effectively simpliifes the certiifcates key management and key distribution problem. Subsequently, a variety of identity-based digital signature variant schemes have been proposed, such as identity-based proxy signature, identity-based blind signature, identity-based ring signature and identity-based threshold signature and so on. The main content in this paper is identity-based proxy signature. According to the analysis of identity-based proxy signature scheme made by Wang, this paper demonstrates this solution is unsafe, although such program is proven to be secure under the random oracle model in existing references. Otherwise, the program does not meet the unforgeability , the original signer can forge a legalandvalid proxy signature, proxy signer can also abuse proxy signature right. On this basis, this paper improves the original program, not only overcomes the deifciencies of the original program, but also meets the various security needs of proxy signature.