Security analysis of the certificateless signature
نویسنده
چکیده
In this paper, we show that the certificateless signature scheme proposed by Yap, Heng and Goi at SecUbiq 2006 is insecure against a key replacement attack and a malicious-but-passive KGC attack, respectively. The former implies that anyone who replaces a signer’s public key can forge valid signatures for that signer without knowledge of the signer’s private key. The latter supposes the malicious-but-passive KGC, which generates system parameters based on the information of the target user to impersonate. Our results are based on the fact that the private key of the YHG scheme has the form of a BLS multisignature generated by the KGC and the user. Finally, we review the vulnerability of several certificateless signature schemes under theses attacks.
منابع مشابه
Reattack of a Certificateless Aggregate Signature Scheme with Constant Pairing Computations
A new attack against a novel certificateless aggregate signature scheme with constant pairing computations is presented. To enhance security, a new certificateless signature scheme is proposed first. Then a new certificateless aggregate signature scheme with constant pairing computations based on the new certificateless signature scheme is presented. Security analysis shows that the proposed ce...
متن کاملA Certificateless Proxy Ring Signature Scheme with Provable Security
Proxy ring signature allows proxy signer to sign messages on behalf of the original signer while providing anonymity. Certificateless public key cryptography was first introduced by Al-Riyami and Paterson in Asiacrypt 2003. In certificateless cryptography, it does not require the use of certificates to guarantee the authenticity of users’ public keys. Meanwhile, certificateless cryptography doe...
متن کاملCertificateless Signature Revisited
In this paper we revisit the security models of certificateless signatures and propose two new constructions which are provably secure in the random oracle model. We divide the potential adversaries according to their attack power, and for the first time, three new kinds of adversaries are introduced into certificateless signatures. They are Normal Adversary, Strong Adversary and Super Adversar...
متن کاملOn the Security of Certificateless Signature Schemes from Asiacrypt 2003
In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. In the new paradigm, the necessity of certificates has been successfully removed. The security model for certificateless cryptography was also introduced in the same paper. H...
متن کاملA Strong RSA-based and Certificateless-based Signature Scheme
The certificateless-based signature system allows people to verify the signature without the certificate. For this reason, we do not need the certificate authority (CA) to store and manage users’ certificates and public keys. Certificateless-based signature can also overcome the certificate management problem and the key escrow problem of the traditional signature system. In 2012, Zhang and Mao...
متن کاملOn the security models for certificateless signature schemes achieving level 3 security
Public key cryptography has found many applications in our modern society. To guarantee the authenticity of public keys, we need a trusted third party (TTP). In 1991, Girault defined three trust levels for a TTP. The higher the trusted level of the TTP is, the higher the security level of the cryptographic scheme is. In 2007, Hu et al. proposed a generic construction of a certificateless signat...
متن کامل