对一种基于身份前向安全的代理签名方案(Z-Z方案)进行了密码学分析,指出该方案容易遭受移动线性攻击,不具有前向安全性和不可伪造性,并且代理密钥泄漏后攻击者可以伪造未来时段的代理签名.提出了一种改进方案,新方案克服了Z-Z方案的安全漏洞,可以有效抵抗移动线性攻击,并且具有前向安全性和后向安全性:即使代理密钥被泄露,攻击者也无法伪造过去和未来时段的代理签名.%Analyzed an ID-based forward secure proxy signature scheme, it is pointed out that the scheme can not resist mobile linear attack so that it is neither unforgeable nor forward secure, and the malicious attacker can forge proxy signature in the future periods after he intruded the system at certain period. An improved scheme is proposed, it overcomes the security drawbacks and can resist mobile linear attack effectively. Besides it holds forward secure and backward secure simultaneously.
展开▼