An Improved Certificateless Signature Scheme Secure in the Standard Model

• Autorzy: Xiong H. , Qin Z. , Li F.
• Języki publikacji: EN

Abstrakty

EN

In ASIACCS 2007, Liu et al proposed a certificateless signature scheme which is provably secure in the standard model. However, as we will show in this paper, the proposed scheme is insecure against a malicious-but-passive KGC attack. This implies that the malicious-but-passive KGC, which generates system parameters based on the information of the target user, can forge valid signatures for that signer without being detected. Furthermore, we propose an improved scheme that remedies the weakness of Liu et al’s scheme. The improved scheme can be proven secure against malicious-but-passive KGC attack in the standard model.

Słowa kluczowe

EN

certificateless signature; standard model; attack model

• Wydawca: IOS Press
• Czasopismo: Fundamenta Informaticae
• Rocznik: 2008
• Tom: Vol. 88, nr 1-2
• Strony: 193--206
• Opis fizyczny: bibliogr. 18 poz.

Twórcy

autor

Xiong H.

autor

Qin Z.

autor

Li F.

• School of Computer Science and Engineering University of Electronic Science and Technology of China Chengdu 610054, P.R. China,

Bibliografia

• [1] S.S. Al-Riyami, K. Paterson. Certificateless Public Key Cryptography. in AsiaCrypt 2003, volume 2894 of LNCS, pages 452-473. Springer, 2003.
• [2] D. Boneh, M. Franklin. Identity-Based Encryption from the Weil Pairing. In Crypto 2001, volume 2139 of LNCS, pages 213-229. Springer 2001.
• [3] A. Shamir. Identity-Based Cryptosystems and Signature Schemes. In Crypto 1984 volume 196 of LNCS, pages 47-53. Springer, 1984.
• [4] X.Y. Huang, W. Susilo, et al. On the Security of Certificateless Signature Schemes from Asiacrypt 2003. Cryptology and Network Security: 4th International Conference, volulme 3810 of LNCS, pages 13-25. Springer, 2005.
• [5] D.H. Yum, P. J. Lee. Generic Construction of Certificateless Signature. Proc. of Information Security and Privacy: 9th Australasian Conference, ACISP 2004, vol 3108of LNCS, pages 200-211. Springer, 2004.
• [6] B.C. Hu, D.S.Wong, et al. Key Replacement Attack Against a Generic Construction of Certificateless Signature. Proc. of Information Security and Privacy: Australasian Conference, ACISP 2006, vol 4058 of LNCS, pages 235-246. Springer, 2006.
• [7] Z. Zhang, D. Wong. Certificateless Public-Key Signature: Security Model and Efficient Construction. In: Zhou. J., Yung,M., Bao, F.(eds) ACNS 2006. vol 3989 of LNCS, pages 293-308. Springer, 2006.
• [8] M.C. Gorantla, A. Saxena. An Efficient Certificateless Signature Scheme. In: Hao, Y., Liu, J., Wang, Y.-P., Cheung, Y.-m., Yin, H., Jiao, L., Ma, J., Jiao, Y.-C.(eds.) CIS 2005. vol 3802 of LNCS, pages 110-116. Springer, 2005.
• [9] X. Cao, K.G. Paterson, W. Kou, An Attack on a Certificateless Signature Scheme. In: Cryptography ePrint Archive. Available online: http://eprint.iacr.org/2006/367.
• [10] J.K. Liu, M.H. Au, et al.Self-Generated-Certificate Public Key Cryptography and certificateless signature/encryption scheme in the standard model. In: 2007 ACM symposium on Information, computer and communications security-ASIACCS'2007, pages 273 - 283.
• [11] M.H. Au, J. Chen, Y. Mu, D.S. Wong, G. Yang. Malicious KGC attacks in certificateless cryptography. In: 2007 ACM symposium on Information, computer and communications security-ASIACCS'2007, pages 302 - 311.
• [12] B. Libert, J.-J. Quisquater. On Constructing Certificateless Cryptosystems from Identity Based Encryption. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G.(eds.) PKC 2006. vol 3958 of LNCS, pages 474-490. Springer, 2006.
• [13] Q. Huang, D.Wong. Generic Certificateless Encryption in the StandardModel. In: A.Miyaji, H.Kikuchi, and K.Rannenberg(Eds.) IWSEC 2007. vol 4752 of LNCS, pages 278-291. Springer, 2007.
• [14] X. Huang, Y. Mu, et al. Certificateless Signature Revisited. In J.Pieprzyk, H.Ghodosi, and E. Dawson(Eds.) ACISP 2007. vol of 4586 of LNCS, pages 308-322. Springer, 2007.
• [15] A.W.Cheng and R.Comley. Efficient certificateless encryption schemes and security models. Cryptology ePrint Archive, Report 2006/211,2006. http://eprint.iacr.org/2006/211.
• [16] Hu, B., D.Wong, et al. Certificateless signature: a new security model and an improved generic construction. Designs, Codes and Cryptography 42(2), pages 109-126. 2007.
• [17] Kenneth G. Paterson, Jacob C. N. Schuldt, Efficient Identity-based Signatures Secure in the Standard Model, L. Batten and R. Safavi-Naini (Eds.): ACISP 2006, LNCS 4058, pages 207-222, 2006.
• [18] A Lysyanskaya. Unique signatures and verifiable random functions from the DH-DDH separation. In CRYPTO 2002, volume 2442 of LNCS, pages 597-612. Springer 2002.