On the Security of a Digital Signature with Message Recovery Using Self-certified Public Key
Self-certified public keys are proposed to eliminate the burden of verifying the public key before using. To alleviate reliance on system authority and strengthen the security of system, Chang et al propose a new digital signature schemes, no redundancy is needed to be embedded in the signed messages in this scheme. Moreover, Chang et al claimed that the schemes are still secure even without the trustworthy system authority, and only the specified recipient can recover the message in his authentication encryption schemes. Unfortunately, In this work, we analyze the security of Chang et al scheme and show that if the system authority is trustless, the scheme is insecure, namely, the system authority can recover the message without the private key of the recipient in Chang authentication encryption schemes. Finally, we propose an improve scheme to overcome the weakness of Chang et al scheme.
digital signature message recovery self-certified public key improved scheme
Jianhong Zhang Huan Li
College of science,North China University of Technology, Beijng, P.R.China
国际会议
武汉
英文
1171-1174
2005-09-23(万方平台首次上网日期,不代表论文的发表时间)