Abstract
Certificateless signature (CLS) has no need of public key certificates and also avoids the excessive dependence on a third party found in the identity-based setting. Recently, Shim (IEEE Systems Journal, doi:10.1109/JSYST.2018.2844809) came up with a CLS scheme independent of random oracles and asserted that the construction is immune to public key replacement attacks and malicious-but-passive key generation center (KGC) attacks. In this paper, we analyze the security of Shim’s scheme and point out that his conclusions are incorrect by giving two concrete counter-examples. We repair the scheme and put forward a CLS scheme secure against public key replacement attacks and malicious-but-passive KGC attacks without relying on random oracles. Compared with Shim’s scheme, our construction has lower execution cost for signing and verification, and achieves Girault’s top-level security, which means that a victim can repudiate the forgeries based on a false secret key generated by the KGC.
Highlights
Digital signatures can assure the validity, completeness, and non-repudiation of data resources and have drawn a lot of interest since their introduction
The acknowledged entity identity is directly considered as its public key and the corresponding private key can be derived from the identity by a private key generator (PKG)
In this paper, we find that Shim’s scheme cannot resist the attacks launched by the public key replacement attacker and the malicious-but-passive key generation center (KGC), and give two concrete attacks to illustrate that the security argument shown in [4] fails
Summary
Digital signatures can assure the validity, completeness, and non-repudiation of data resources and have drawn a lot of interest since their introduction. In this paper, we find that Shim’s scheme cannot resist the attacks launched by the public key replacement attacker and the malicious-but-passive KGC, and give two concrete attacks to illustrate that the security argument shown in [4] fails. Huang et al. [5] indicated that the concrete scheme given in [2] cannot resist the public key replacement attack. They formally defined the security model of CLS and proposed an improvement. In 2014, Yuan and Wang [23] illustrated that Yu et al.’s CLS scheme is still subject to attacks from public key replacement adversaries and a malicious-but-passive KGC, and gave an effective modification. A CLS scheme achieving Level-3 security means that the KGC in the scheme does not impersonate any user by generating his/her false secret key without being detected by the victim. The KGC cannot provide the same partial private key for different public keys.