Cryptanalysis on Two Certificateless Signature Schemes

Authors

  • Futai Zhang 1. School of Computer Science and technology Nanjing Normal University, Nanjing 210046, P.R. China, and 2. Jiangsu Engineering Research Center on Information Security and Privacy Protection Technology Nanjing 210046, P.R. China
  • Sujuan Li 1. School of Computer Science and technology Nanjing Normal University, Nanjing 210046, P.R. China, and 2. Nanjing University of Technology Nanjing 210037, P.R. China
  • Songqin Miao 1. School of Computer Science and technology Nanjing Normal University, Nanjing 210046, P.R. China, and 2. Jiangsu Engineering Research Center on Information Security and Privacy Protection Technology Nanjing 210046, P.R. China
  • Yi Mu Centre for Computer and Information Security Research School of Computer Science and Software Engineering University of Wollongong NSW 2522, Australia
  • Willy Susilo Centre for Computer and Information Security Research School of Computer Science and Software Engineering University of Wollongong NSW 2522, Australia
  • Xinyi Huang Centre for Computer and Information Security Research School of Computer Science and Software Engineering University of Wollongong NSW 2522, Australia

Keywords:

certificateless cryptography, certificateless signature, public key replacement, universal forgery

Abstract

Certificateless cryptography has attracted a lot of attention from the research community, due to its applicability in information security. In this paper, we analyze two recently proposed certificateless signature schemes and point out their security flaws. In particular, we demonstrate universal forgeries against these schemes with known message attacks.

References

S. Al-Riyami, K. Paterson. Certificateless public key cryptography. Proceedings of Asiacrypt 2003, Lecture Notes in Computer Science 2894, Springer-Verlag, 452-473, 2003.

A. Shamir. Identity based cryptosystems and signature schemes. Proceedings of Crypto'84, 47-53, 1984.

X. Huang, W. Susilo, Y. Mu, F. Zhang. On the security of a certificateless signature scheme. Proceedings of ACISP 2005, 13-25, 2005.

Z. Xu, X. Liu, G. Zhang,W. He, G. Dai,W. Shu. A Certificateless Signature Scheme for MobileWireless Cyber-Physical Systems. The 28th International Conference on Distributed Computing Systems Workshops, 489-494, 2009.

Z. Xu, X. Liu, G. Zhang, W. He. McCLS: Certificateless Signature Scheme for Emergency Mobile Wireless Cyber-Physical Systems. International Journal of Computers, Communications & Control (IJCCC), 3(4): 395-411, 2008. http://dx.doi.org/10.15837/ijccc.2008.4.2407

W. Yap, S. Heng, B. Goi1. An efficient certificateless signature scheme. Proceedings of EUC Workshops 2006, Lecture Notes in Computer Science 4097, Springer-Verlag, 322-331, 2006.

J. Park. An attack on the certificateless signature scheme from EUC Workshops 2006. Cryptology ePrint Archive, Report 442, 2006.

Z. Zhang, D. Feng. Key replacement attack on a certificateless signature scheme. Cryptology ePrint Archive, Report 453, 2006.

K. Choi, J. Park, J. Hwang, D. Lee. Efficient certificateless signature schemes. Proceedings of ACNS 2007, Lecture Notes in Computer Science 4521, Springer-Verlag, 443-458, 2007. http://dx.doi.org/10.1007/978-3-540-72738-5_29

R. Castro, R. Dahab. Two notes on the security of certificateless signatures. Proceedings of ProvSec 2007, Lecture Notes in Computer Science 4784, Springer-Verlag, 85-102, 2007. http://dx.doi.org/10.1007/978-3-540-75670-5_6

Z. Zhang, D. Wong, J. Xu, D. Feng. Certificateless public-key signature: security model and efficient construction. Proceedings of ACNS 2006, Lecture Notes in Computer Science 3989, Springer- Verlag, 293-308, 2006. http://dx.doi.org/10.1007/11767480_20

B. Hu, D. Wong, Z. Zhang, X. Deng. Key replacement attack against a generic construction of certificateless signature. Proceedings of ACISP 2006, Lecture Notes in Computer Science 4058, Springer-Verlag, 235-346, 2006. http://dx.doi.org/10.1007/11780656_20

X. Huang, Y. Mu, W. Susilo, D. Wong, W. Wu. Certificateless signature revisited. Proceedings of ACISP 2007, Lecture Notes in Computer Science 4586, Springer-Verlag, 308-322, 2007. http://dx.doi.org/10.1007/978-3-540-73458-1_23

L. Zhang, F. Zhang, F. Zhang. New efficient certificateless signature scheme. Proceedings of EUC Workshops 2007, Lecture Notes in Computer Science 4809, Springer-Verlag, 692-703, 2007. http://dx.doi.org/10.1007/978-3-540-77090-9_64

Published

2010-11-01

Issue

Vol. 5 No. 4 (2010): International Journal of Computers Communications & Control (October)

Section

Articles

License

ONLINE OPEN ACCES: Acces to full text of each article and each issue are allowed for free in respect of Attribution-NonCommercial 4.0 International (CC BY-NC 4.0.

You are free to:

-Share: copy and redistribute the material in any medium or format;

-Adapt: remix, transform, and build upon the material.

The licensor cannot revoke these freedoms as long as you follow the license terms.

 

DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.