Warianty tytułu
Języki publikacji
Abstrakty
Certificateless cryptography is a new type of public key cryptography,which removes the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based public key cryptography. Multi-proxy signature is an extension of proxy signature, which allows an original signer authorizing a group of proxy signers and only the cooperation of all proxy signers in the group can create valid proxy signatures on behalf of the original signer. Recently, Jin andWen combined certificateless cryptographywith multi-proxy signature, and proposed a model as well as a concrete scheme of certificateless multi-proxy signature. They claimed that their scheme is provably secure in their security model. Unfortunately, in this paper by giving two attacks, we will show that their certificateless multi-proxy signature scheme can be broken. The first attack indicates their security model is flawed and the second attack indicates their certificateless multi-proxy signature scheme is insecure. Possible improvements are also suggested to prevent these attacks.
Czasopismo
Rocznik
Tom
Strony
365--375
Opis fizyczny
Bibliogr. 17 poz.
Twórcy
autor
- School of Computer Science and Technology University of Science and Technology of China Hefei 230026, P.R. China, miaotian@mail.ustc.edu.cn
autor
- School of Computer Science and Technology University of Science and Technology of China Hefei 230026, P.R. China
autor
- School of Computer Science and Technology University of Science and Technology of China Hefei 230026, P.R. China
Bibliografia
- [1] Shamir, A.: Identity-based cryptosystems and signature schemes. In: CRYPTO’84, LNCS 196, Springer-Verlag, pp.47–53, 1985.
- [2] Al-Riyami, S., Paterson, K.: Certificateless public key cryptography. In: ASIACRYPT 2003, LNCS 2894, Springer-Verlag, pp.452–473, 2003.
- [3] Huang, X., Susilo, W., Mu, Y., Zhang, F.: On the security of certificateless signature schemes from Asiacrypt 2003. In: CANS 2005, LNCS 3810, Springer-Verlag, pp.13–25, 2005.
- [4] Au, M., Chen, J., Liu, J., Mu, Y.,Wong, D., Yang, G.: Malicious KGC attacks in certificateless cryptography. In: ASIACCS 2007, pp.302–311, 2007.
- [5] Zhang, L., Zhang, F.: A new certificateless aggregate signature scheme. Computer Communications, 32(6), pp.1079–1085, 2009.
- [6] Xiong, H., Li, F., Qin, Z.: A provably secure proxy signature scheme in certificateless cryptography. Informatica, 21(2), pp.277–294, 2010.
- [7] Liu, Z., Hu, Y., Zhang, X., Ma, H.: Certificateless signcryption scheme in the standard model. Information Sciences, 180(3), pp.452–464, 2010.
- [8] Weng, J., Yao, G., Deng, H., Chen, M., Li, X.: Cryptanalysis of a certificateless signcryption scheme in the standard model. Information Sciences, 181(3), pp.661–667, 2011.
- [9] Jin, Z.,Wen, Q.: Certificateless multi-proxy signature. Computer Communications, 34(3), pp.344-352, 2011.
- [10] Mambo, M., Usuda, K., Okamoto, E.: Proxy signature for delegating signing operation. In: CCS’96, pp.48–57, 1996.
- [11] Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A security architecture for computational grids. In: CCS’98, pp.83–92, 1998.
- [12] Lee, B., Kim, H., Kim, K.: Strong proxy signature and its applications. In: Proceedings of Symposium on Cryptography and Information Security (SCIS 2001), pp.603–608, 2001.
- [13] Park, H., Lee, I.: A digital nominative proxy signature scheme for mobile communication. In: ICICS 2001, LNCS 2229, Springer-Verlag, pp.451–455, 2001.
- [14] Weissman, J., Ramakrishnan, S.: Using proxies to accelerate cloud applications. In: Proceedings of the Workshop on Hot Topics in Cloud Computing, pp.14–19, 2009.
- [15] Hwang, S., Shi, C.: A simple multi-proxy signature scheme. In: Proceedings of the 10th National Conference on Information Security, pp.134–138, 2000.
- [16] Cao, F., Cao, Z.: A secure identity-based multi-proxy signature scheme. Computers and Electrical Engineering, 35(1), pp.86–95, 2009.
- [17] Xiong, H., Hua, J., Chen, Z., Li, F.: On the security of an identity based multi-proxy signature scheme. Computers and Electrical Engineering, 37(2), pp.129–135, 2011.
Typ dokumentu
Bibliografia
Identyfikatory
Identyfikator YADDA
bwmeta1.element.baztech-6c9185b6-7dbf-4296-ae79-c11d126366c6