Security Pitfalls of the Certificateless Signature and Multi-Receiver Signcryption Schemes

• Autorzy: Shim K. A. , Lee Y. L.
• Języki publikacji: EN

Abstrakty

EN

Recently, Xiong et al. and Selvi et al. proposed a certificateless signature scheme secure in the standard model and a certificateless multi-receiver signcryption scheme secure in the random oracle model, respectively. In this paper, we show that they are insecure against malicious-butpassive KGC attacks. More specifically, the former does not achieve unforgeability and the latter does not satisfy confidentiality against type II adversaries.

Słowa kluczowe

EN

certificateless signature; certificateless signcryption; certificateless multi-receiver signcryption; malicious-but-passive KGC attack; confidentiality; unforgeability

• Wydawca: IOS Press
• Czasopismo: Fundamenta Informaticae
• Rocznik: 2011
• Tom: Vol. 112, nr 4
• Strony: 365--376
• Opis fizyczny: Bibliogr. 23 poz.

Twórcy

autor

Shim K. A.

autor

Lee Y. L.

• Division of Fusion and Convergence of Mathematical Sciences, National Institute for Mathematical Sciences, KT Daeduk 2 Research Center 463-1 Yuseong-gu, Daegeon, Korea,

Bibliografia

• [1] S.S. Al-Riyami, K.G. Paterson, Certificateless public key cryptography, In: C.S. Laih (Ed.), Advances in Cryptology-Asiacrypt'03, LNCS, vol. 2894, Springer-Verlag, 2003, pp. 452-473.
• [2] M.H. Au, J. Chen, J.K. Liu, Y. Mu, D.S. Wong, G. Yang, Malicious KGC attacks in certificateless cryptography, In: R. Deng, P. Samarati (Eds.), Proceedings of ASIACCS'07, ACM, New York, 2007, pp. 302-311.
• [3] J. Baek, R. Safavi-Naini, W. Susilo, Certificateless public key encryption without pairing, In: J. Zhou, J. Lopez, R. Deng (Eds.), Proceedings of ISC'05, LNCS, vol. 3650, Springer-Verlag, 2005, pp. 134-148, 2005.
• [4] M. Barbosa, P. Farshim, Certificateless signcryption, In: M. Abe, V. Gligor (Eds.), Proceedings of ASIACCS' 08, ACM, New York, 2008, pp. 369-372.
• [5] M. Bellare, A. Boldyreve, S. Micali, Public-key encryption in a multi-user setting: security proofs and improvements, In : B. Prenell (Ed.), Advances in Cryptology-Eurocrypt'00, LNCS, vol. 1807, Springer-Verlag, 2000, pp. 259-274.
• [6] R. Canetti, S. Halevi, J. Katz, Chosen-ciphertext security from identity-based encryption, In: C. Cachin, J. Camenisch (Eds.), Advances in Cryptology-Eurocrypt'04, LNCS, vol. 3027, Springer-Verlag, 2004, pp. 207-222.
• [7] K. Choi, J. Park, J. Hwang, D. Lee, Efficient certificateless signature schemes, In: J. Katz, M. Yung (Eds.), Proceedings of ACNS'07, LNCS, vol. 4521, Springer-Verlag, 2007, pp. 443-458.
• [8] A. Dent, B. Libert, K.G. Paterson. Certficateless encryption schemes strongly secure in the standard model, In: R. Cramer (Ed.), Proceedings of PKC'08, LNCS, vol. 4939, Springer-Verlag, 2008, pp. 344-359.
• [9] S. Duan, Z. Cao, Efficient and provably secure multi-receiver identity-based signcryption, In: L.M. Batten, R. Safavi-Naini (Eds.), Proceedings of ACISP'06, LNCS, vol. 4058, Springer, Heidelberg, 2006, pp. 295-206.
• [10] B.C. Hu, D.S. Wong, Z. Zhang, X. Deng, Key replacement attack against a generic construction of certificateless signature, In: L. Batten, R. Safavi-Naini (Eds.), Proceedings of ACISP'06, LNCS, vol. 4058, Springer-Verlag, 2006, pp. 235-246.
• [11] X. Huang, W. Susilo, Y. Mu, F. Zhang, On the security of certificateless signature schemes from Asiacrypt 2003, In: Y.G. Desmedt et al. (Eds.), Proceedings of CANS'05, LNCS, vol. 3810, Springer-Verlag, 2005, pp. 13-25.
• [12] Y. H. Hwang, J.K. Liu, Certificateless public key encryption secure against malicious KGC attacks in the standard model, Journal of Universal Computer Science 14 (3) (2008) 463-480.
• [13] B. Libert, J.J. Quisquater, On constructing certificateless cryptosystems from identity based encryption, In: M. Yung et al. (Eds.), Proceedings of PKC'06, LNCS, vol. 3958, Springer-Verlag, 2006, pp. 474-490.
• [14] J.K. Liu, M.H. Au, W.Susilo, Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model, In: R. Deng, P. Samarati (Eds.), Proceedings of ASIACCS'07, ACM, New York, 2007, pp. 273-283.
• [15] K. Paterson, J. Schuldt, Efficient identity-based signatures secure in the standard model, In: L. Batten, R. Safavi-Naini (Eds.) Proceedings of ACISP'06, LNCS, vol. 4058, Springer-Verlag, 2006, pp. 207-222.
• [16] A. Shamir, Identity based cryptosystems and signature schemes, In: G. R.Blakley, D.Chaum(Eds.), Advances in Cryptology-Crypto'84, LNCS, vol. 196, Springer-Verlag, 1984, pp. 47-53.
• [17] S. Sharmila Deva Selvi, S. Sree Vivek, Ragavendran Gopalarkrishnan, Naga Naresh Karuturi, C. Pandu Rangan, On the provable security of multi-receiver signcryption schemes, Cryptologry ePrint Archive, Report 2008/238, http://eprint.iacr.org/2008/238.
• [18] S. Sharmila Deva Selvi, S. Sree Vivek, C. Pandu Rangan, A note on the certificateless multi-receiver signcryption scheme, Cryptologry ePrint Archive, Report 2009/308, http://eprint.iacr.org/2009/308.
• [19] S. Sharmila Deva Selvi, S. Sree Vivek, Deepanshu Shukla, C. Pandu Rangan Chandrasekaran, Efficient and provably secure certificateless multi-receiver signcryption, In: J. Baek, F. Bao, K. Chen, X. Lai (Eds.), Proceedings of ProvSec'08, LNCS, vol. 5324, Springer-Verlag, 2008, pp. 52-67.
• [20] Q. Xia, C. Xu, Y. Yu, Key replacement attack on two certificateless signature schemes without random oracles, Key EngineeringMaterials 439-440 (2010) 1606-1611.
• [21] H. Xiong, Z. Qin, F. Li, An improved certificateless signature scheme secure in the standard model, Jounal of Fumdamenta Informaticae 88 (2008) 193-206.
• [22] Z. Zhang, D.S. Wong, J. Xu, D. Feng, Certificateless public-key signature: Security model and efficient construction, In J. Zhou,M. Yung, F. Bao (Eds.), Proceedings of ACNS'06, LNCS, vol. 3989, Springer-Verlag, 2006, pp. 293-308.
• [23] Y. Zheng, Digital signcryption or how to achieve cost (signature and encryption) ≪ cost (signature) + cost(encryption), In: G. Goos, J. Hartmanis, J. van Leeuwen (Eds.), Advances in Cryptology-Crypto'97, LNCS, vol. 1294, Springer-Verlag, 1997, pp. 291-312