Cryptanalysis on Two Certificateless Signature Schemes

  • Futai Zhang 1. School of Computer Science and technology Nanjing Normal University, Nanjing 210046, P.R. China, and 2. Jiangsu Engineering Research Center on Information Security and Privacy Protection Technology Nanjing 210046, P.R. China
  • Sujuan Li 1. School of Computer Science and technology Nanjing Normal University, Nanjing 210046, P.R. China, and 2. Nanjing University of Technology Nanjing 210037, P.R. China
  • Songqin Miao 1. School of Computer Science and technology Nanjing Normal University, Nanjing 210046, P.R. China, and 2. Jiangsu Engineering Research Center on Information Security and Privacy Protection Technology Nanjing 210046, P.R. China
  • Yi Mu Centre for Computer and Information Security Research School of Computer Science and Software Engineering University of Wollongong NSW 2522, Australia
  • Willy Susilo Centre for Computer and Information Security Research School of Computer Science and Software Engineering University of Wollongong NSW 2522, Australia
  • Xinyi Huang Centre for Computer and Information Security Research School of Computer Science and Software Engineering University of Wollongong NSW 2522, Australia

Abstract

Certificateless cryptography has attracted a lot of attention from the research community, due to its applicability in information security. In this paper, we analyze two recently proposed certificateless signature schemes and point out their security flaws. In particular, we demonstrate universal forgeries against these schemes with known message attacks.

References

[1] S. Al-Riyami, K. Paterson. Certificateless public key cryptography. Proceedings of Asiacrypt 2003, Lecture Notes in Computer Science 2894, Springer-Verlag, 452-473, 2003.

[2] A. Shamir. Identity based cryptosystems and signature schemes. Proceedings of Crypto'84, 47-53, 1984.

[3] X. Huang, W. Susilo, Y. Mu, F. Zhang. On the security of a certificateless signature scheme. Proceedings of ACISP 2005, 13-25, 2005.

[4] Z. Xu, X. Liu, G. Zhang,W. He, G. Dai,W. Shu. A Certificateless Signature Scheme for MobileWireless Cyber-Physical Systems. The 28th International Conference on Distributed Computing Systems Workshops, 489-494, 2009.

[5] Z. Xu, X. Liu, G. Zhang, W. He. McCLS: Certificateless Signature Scheme for Emergency Mobile Wireless Cyber-Physical Systems. International Journal of Computers, Communications & Control (IJCCC), 3(4): 395-411, 2008.
http://dx.doi.org/10.15837/ijccc.2008.4.2407

[6] W. Yap, S. Heng, B. Goi1. An efficient certificateless signature scheme. Proceedings of EUC Workshops 2006, Lecture Notes in Computer Science 4097, Springer-Verlag, 322-331, 2006.

[7] J. Park. An attack on the certificateless signature scheme from EUC Workshops 2006. Cryptology ePrint Archive, Report 442, 2006.

[8] Z. Zhang, D. Feng. Key replacement attack on a certificateless signature scheme. Cryptology ePrint Archive, Report 453, 2006.

[9] K. Choi, J. Park, J. Hwang, D. Lee. Efficient certificateless signature schemes. Proceedings of ACNS 2007, Lecture Notes in Computer Science 4521, Springer-Verlag, 443-458, 2007.
http://dx.doi.org/10.1007/978-3-540-72738-5_29

[10] R. Castro, R. Dahab. Two notes on the security of certificateless signatures. Proceedings of ProvSec 2007, Lecture Notes in Computer Science 4784, Springer-Verlag, 85-102, 2007.
http://dx.doi.org/10.1007/978-3-540-75670-5_6

[11] Z. Zhang, D. Wong, J. Xu, D. Feng. Certificateless public-key signature: security model and efficient construction. Proceedings of ACNS 2006, Lecture Notes in Computer Science 3989, Springer- Verlag, 293-308, 2006.
http://dx.doi.org/10.1007/11767480_20

[12] B. Hu, D. Wong, Z. Zhang, X. Deng. Key replacement attack against a generic construction of certificateless signature. Proceedings of ACISP 2006, Lecture Notes in Computer Science 4058, Springer-Verlag, 235-346, 2006.
http://dx.doi.org/10.1007/11780656_20

[13] X. Huang, Y. Mu, W. Susilo, D. Wong, W. Wu. Certificateless signature revisited. Proceedings of ACISP 2007, Lecture Notes in Computer Science 4586, Springer-Verlag, 308-322, 2007.
http://dx.doi.org/10.1007/978-3-540-73458-1_23

[14] L. Zhang, F. Zhang, F. Zhang. New efficient certificateless signature scheme. Proceedings of EUC Workshops 2007, Lecture Notes in Computer Science 4809, Springer-Verlag, 692-703, 2007.
http://dx.doi.org/10.1007/978-3-540-77090-9_64
Published
2010-11-01
How to Cite
ZHANG, Futai et al. Cryptanalysis on Two Certificateless Signature Schemes. INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL, [S.l.], v. 5, n. 4, p. 586-591, nov. 2010. ISSN 1841-9844. Available at: <http://univagora.ro/jour/index.php/ijccc/article/view/2517>. Date accessed: 27 sep. 2020. doi: https://doi.org/10.15837/ijccc.2010.4.2517.

Keywords

certificateless cryptography, certificateless signature, public key replacement, universal forgery