摘要
数字签名方案的安全性依赖于签名者私钥的安全性,当签名者的私钥泄露后,使用该私钥产生的所有签名都变得不可信。新方案引入了一个时间参数T,以及一个可信的第三方,解决了签名者私钥丢失之前所签消息的可信性问题。提出让签名者维护一份签名记录表,并且第三方也维护一份签名记录表,然后定期比较这两份签名记录,可以使得签名者能够及时地发现私钥丢失。分析表明,新方案可以及时地发现私钥的丢失,并且当签名者私钥丢失之后,依然可以保证该私钥丢失之前所产生签名的有效性,是一个安全可行的数字签名方案。
The digital signature security relies on the security of the signer's private key, if the private key leaks out, all of the signatures from the private key will completely lost their credibility. A new scheme is proposed which adds a time parameter T and a trustworthy third-party in order to solve the problem of verification of the signature before the lost of the private key. It is suggested that the signer maintains a signature form, and a third-party also maintains one, and then periodically compare the two signature records, can make signer timely find lost private key. Analysis shows that, the new scheme can timely find the loss of the private key, and after the signer loses pri- vate key, still can guarantee the effectiveness of signature generated by private key before lost, is a safe and feasible digital signature scheme.
出处
《计算机技术与发展》
2013年第2期250-252,F0003,共4页
Computer Technology and Development
基金
昆明理工大学科学研究基金(2007-29)
关键词
数字签名
私钥
丢失
可信性
digital signature
private key
lost
verification
