Formal Analysis on Interactive Electronic Signing

doi:10.3969/j.issn.1671-1122.2016.09.006

Netinfo Security ›› 2016, Vol. 16 ›› Issue (9): 31-34.doi: 10.3969/j.issn.1671-1122.2016.09.006

• Orginal Article • Previous Articles Next Articles

Formal Analysis on Interactive Electronic Signing

Pengfei ZHU^1,²(), Liqin ZHANG², Wei LI², Huazhang YU²

1. Beijing Engineering Laboratory of Smart Network Authentication, Beijing 100085, China
2. Feitian Technologies Co., Ltd., Beijing 100085, China

Received:2016-07-25 Online:2016-09-20 Published:2020-05-13

Abstract

Abstract:

Interactive electronic signing is a kind of electronic signature application closely integrated with specific types of key carriers. In the case of attackers remotely controlling the key carriers by the way of hijacking the hosts, interactive electronic signing can effectively prevent attackers from using the legitimate users’ identities to trade or tamper with the information. This article explores the theoretical framework of interactive electronic signing about scheme design based on formal analysis, sums up the design essentials of interactive electronic signing through the investigation, points out that cheat on signing is one of the major security threats of interactive electronic signing, and provides the formal description of the problem. This article also provides the technology route selection of interactive electronic signing under the framework of cryptographic industry standards, and intercompares some interactive electronic signing schemes based on national cryptographic algorithms from the aspect of security risks.

Key words: interactive electronic signing, formal analysis, industrial standards

CLC Number:

TP309

Pengfei ZHU, Liqin ZHANG, Wei LI, Huazhang YU. Formal Analysis on Interactive Electronic Signing[J]. Netinfo Security, 2016, 16(9): 31-34.

Figures/Tables 1

References 10

[1]	李伟,于华章,朱鹏飞.一种交互型USB Key方案[C]//中国计算机学会信息保密专业委员会.第18届全国信息安全保密学术会议, 11月3-7日,2008.三亚,中国.北京:金城出版社,2008:378-383.
[2]	JR/T 0068-2012.网上银行系统信息安全通用规范R/T 0068-2012.网上银行系统信息安全通用规范[S],2012.
[3]	赵洋,岳峰,熊虎,等. 一种强指定验证者环签名和签密体制[J]. 信息网络安全,2015(10):8-13.
[4]	何永福. 应用于网上银行增强型USB Key的设计探讨[J].计算机安全,2010(4):75-77.
[5]	飞天诚信科技有限公司.复核型USB Key与普通USB Key的混合应用探讨[J].保密科学技术,2011(3):13-15.
[6]	朱鹏飞,李伟,张利琴,等.自主标准化密码应用体系下带复核的电子签名方案设计[J].信息网络安全,2015(9):93-96.
[7]	GM/T 0009-2012.SM2密码算法使用规范M/T 0009-2012.SM2密码算法使用规范[S],2012.
[8]	GM/T 0006-2012.密码应用标识规范M/T 0006-2012.密码应用标识规范[S],2012.
[9]	GM/T 0017-2012.智能密码钥匙密码应用接口数据格式规范M/T 0017-2012.智能密码钥匙密码应用接口数据格式规范[S],2012.
[10]	张键红,甄伟娜. 一种基于身份的代理签名方案的安全性分析及改进[J]. 信息网络安全,2014(8):17-20.

Formal Analysis on Interactive Electronic Signing

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 1

References 10

Related Articles 4

Recommended Articles

Metrics

Comments

[1]	Mengmeng YAO, Li TANG, Yongxing LING, Weidong XIAO. Formal Analysis of Security Protocol Based on Strand Space [J]. Netinfo Security, 2020, 20(2): 30-36.
[2]	Zongping LV, Lei DING, He SUI, Zhaojun GU. Network Security Risk Analysis of Industrial Control System Based on Time Automata [J]. Netinfo Security, 2019, 19(11): 71-81.
[3]	Mengmeng YAO, Zhengchao ZHU, Mingda LIU. An Improved Formal Analysis Method Based on Authentication Tests [J]. Netinfo Security, 2019, 19(1): 27-33.
[4]	Lei YU, Shimin WEI, Mingming JIANG. Formal Analysis Method of Security Protocol Based on Correlation Degree of Principals [J]. Netinfo Security, 2018, 18(6): 45-51.