Abstract
The certificateless aggregate signature (CLAS) scheme is a very important data aggregation technique that compresses a large number of signatures from different users into a short signature. CLAS can reduce the total length of a signature and the computational overhead of signature verification and is therefore highly suitable for resource-constrained network environments. Many CLAS schemes have been proposed in recent years, but the construction of a secure and efficient CLAS scheme remains important. In 2018, Li et al. found that the CLAS scheme proposed by He et al. could not resist malicious-but-passive KGC attacks, and they presented an improved CLAS scheme. Du et al. proposed a CLAS scheme with the constant aggregate signature length and claimed that their scheme was resistant to forgery attacks. Chen et al.designed a CLAS scheme with efficient verification and proved that their CLAS scheme was secure in the random oracle model. In this paper, we demonstrate that Li et al.’s CLAS scheme, Du et al.’s CLAS scheme, and Chen et al.’s CLAS scheme are insecure against coalition attacks and present concrete examples. That is, an attacker can forge a valid aggregate signature using some illegal single signatures. To withstand suck attacks, we propose an improved CLAS scheme based on Chen et al.’s CLAS scheme.
Highlights
The traditional signature scheme provides security services such as integrity of the message, nonrepudiation of the signer, and user authentication
We demonstrate that Li et al.’s certificateless aggregate signature (CLAS) scheme, Du et al.’s CLAS scheme, and Chen et al.’s CLAS scheme are insecure against coalition attacks and present concrete examples
We present a cryptanalysis of three CLAS schemes
Summary
The traditional signature scheme provides security services such as integrity of the message, nonrepudiation of the signer, and user authentication. In 2013, Xiong et al [13] presented an efficient CLS scheme and used it to design a CLAS scheme with constant pairing computations He et al [14] found that Xiong et al.’s CLS and CLAS schemes [13] were not secure against malicious KGC attacks, and they proposed an improved CLAS scheme. Most CLAS schemes do not consider coalition attacks [22], which are a type of practical and powerful attack in which an attacker attempts to generate a valid aggregate signature by using illegal individual signatures. Once such an attack is successful, the validity of an aggregate signature cannot guarantee that each individual signature participating in the aggregation is valid This requires that a secure CLAS scheme should be able to resist coalition attacks.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
