Abstract
We discuss two common pitfalls found in proofs of security of various certificateless signature (CLS) schemes. As a result of the first observation, we are able to show that a CLS scheme ([Goy06]), previously thought to be secure, is vulnerable to a key replacement attack. We then proceed to define a class of CLS schemes whose security is provable by standard techniques, leading to a more efficient version of a known CLS scheme ([ARP03]) and a (previously unknown) security proof for another ([LCS05]).
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Barreto, P.S.L.M., Libert, B., McCullagh, N., Quisquater, J.-J.: Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 515–532. Springer, Heidelberg (2005)
Cha, J.C., Cheon, J.H.: An identity-based signature from gap diffie-hellman groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2002)
Choi, K.Y., Park, J.H., Hwang, J.Y., Lee, D.H.: Efficient certificateless signature schemes. In: Katz, Yung: [KY07], pp. 443–458
Dent, W.A.: A survey of certificateless encryption schemes and security models. Cryptology ePrint Archive, Report 2006/211 (2006)
Du, H., Wen, Q.: Efficient and provably-secure certificateless short signature scheme from bilinear pairings. Cryptology ePrint Archive, Report 2007/250 (2007), http://eprint.iacr.org/
Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281–308 (1988)
Goya, G.H.: Proposta de esquemas de criptografia e de assinatura sob modelo de criptografia de cha pública sem certificado. Master’s thesis, USP (2006)
Gorantla, M.C., Saxena, A.: An efficient certificateless signature scheme. In: Hao, Y., Liu, J., Wang, Y.-P., Cheung, Y.-m., Yin, H., Jiao, L., Ma, J., Jiao, Y.-C. (eds.) CIS 2005. LNCS (LNAI), vol. 3802, pp. 110–116. Springer, Heidelberg (2005)
Huang, X., Susilo, W., Mu, Y., Zhang, F.: On the security of certificateless signature schemes from asiacrypt 2003. In: Desmedt, Y., Wang, H., Mu, Y., Li, Y. (eds.) CANS 2005. LNCS, vol. 3810, pp. 13–25. Springer, Heidelberg (2005)
Hu, B.C., Wong, D.S., Zhang, Z., Deng, X.: Key replacement attack against a generic construction of certificateless signature. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 235–246. Springer, Heidelberg (2006)
Hu, B.C., Wong, D.S., Zhang, Z., Deng, X.: Certificateless signature: a new security model and an improved generic construction. Des. Codes Cryptography 42(2), 109–126 (2007)
Katz, J., Yung, M.: Applied Cryptography and Network Security. In: ACNS 2007. Proceedings 5th International Conference, Zhuhai, China, June 5-8, 2007. LNCS, vol. 4521, Springer, Heidelberg (2007)
Liu, J.K., Au, M.H., Susilo, W.: Self-generated-certificate public key cryptography and certificateless signature / encryption scheme in the standard model. Cryptology ePrint Archive, Report, /373, 2006 (2006), http://eprint.iacr.org/
Li, X., Chen, K., Sun, L.: Certificateless signature and proxy signature schemes from bilinear pairings. Lithuanian Mathematical Journal 45(1), 76–83 (2005)
Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. Journal of Cryptology: the journal of the International Association for Cryptologic Research 13(3), 361–396 (2000)
Schnorr, C.P.: Efficient signature generation for smart cards. Journal of Cryptology 4(3), 239–252 (1991)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Terada, R., Goya, D.H., Okamoto, E.: A certificateless signature scheme based on bilinear pairing functions. In: SCIS 2007. Symposium on Cryptography and Information Security, Japan (2007)
Yap, W.-S., Chow, S.S.M., Heng, S.-H., Goi, B.-M.: Security mediated certificateless signatures. In: Katz, Yung (eds.) [KY 07], pp. 459–477 (2007)
Yap, W.-S., Heng, S.-H., Goi, B.-M.: An efficient certificateless signature scheme. In: Zhou, X., Sokolsky, O., Yan, L., Jung, E.-S., Shao, Z., Mu, Y., Lee, D.C., Kim, D., Jeong, Y.-S., Xu, C.-Z. (eds.) Emerging Directions in Embedded and Ubiquitous Computing. LNCS, vol. 4097, pp. 322–331. Springer, Heidelberg (2006)
Zhang, Z., Feng, D.: Key replacement attack on a certificateless signature scheme. Cryptology ePrint Archive, Report 2006/453 (2006), http://eprint.iacr.org/
Zhang, Z., Wong, D.S., Xu, J., Feng, D.: Certificateless public-key signature: Security model and efficient construction. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 293–308. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Castro, R., Dahab, R. (2007). Two Notes on the Security of Certificateless Signatures. In: Susilo, W., Liu, J.K., Mu, Y. (eds) Provable Security. ProvSec 2007. Lecture Notes in Computer Science, vol 4784. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75670-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-540-75670-5_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75669-9
Online ISBN: 978-3-540-75670-5
eBook Packages: Computer ScienceComputer Science (R0)