Security Pitfalls of the Certificateless Signature and Multi-Receiver Signcryption Schemes

Recently, Xiong et al. and Selvi et al. proposed a certificateless signature scheme secure in the standard model and a certificateless multi-receiver signcryption scheme secure in the random oracle model, respectively. In this paper, we show that they are insecure against malicious-butpassive KGC attacks. More specifically, the former does not achieve unforgeability and the latter does not satisfy confidentiality against type II adversaries.

[1]  Zhenfu Cao,et al.  Efficient and Provably Secure Multi-receiver Identity-Based Signcryption , 2006, ACISP.

[2]  Yi Mu,et al.  Malicious KGC attacks in certificateless cryptography , 2007, ASIACCS '07.

[3]  Joonsang Baek,et al.  Certificateless Public Key Encryption Without Pairing , 2005, ISC.

[4]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[5]  Xiaotie Deng,et al.  Key Replacement Attack Against a Generic Construction of Certificateless Signature , 2006, ACISP.

[6]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[7]  Qi Xia,et al.  Key Replacement Attack on Two Certificateless Signature Schemes without Random Oracles , 2010 .

[8]  Silvio Micali,et al.  Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements , 2000, EUROCRYPT.

[9]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[10]  Dong Hoon Lee,et al.  Efficient Certificateless Signature Schemes , 2007, ACNS.

[11]  C. Pandu Rangan,et al.  Cryptanalysis of Mu et al.'s and Li et al.'s Schemes and a Provably Secure ID-Based Broadcast Signcryption (IBBSC) Scheme , 2009, WISA.

[12]  C. Pandu Rangan,et al.  On the Provable Security of Multi-Receiver Signcryption Schemes , 2008, IACR Cryptol. ePrint Arch..

[13]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[14]  Kenneth G. Paterson,et al.  Certificateless Encryption Schemes Strongly Secure in the Standard Model , 2008, Public Key Cryptography.

[15]  Duncan S. Wong,et al.  Certificateless Public-Key Signature: Security Model and Efficient Construction , 2006, ACNS.

[16]  Joseph K. Liu,et al.  Certificateless Public Key Encryption Secure against Malicious KGC Attacks in the Standard Model , 2007, IACR Cryptol. ePrint Arch..

[17]  Joseph K. Liu,et al.  Self-Generated-Certificate Public Key Cryptography and certificateless signature/encryption scheme in the standard model: extended abstract , 2007, ASIACCS '07.

[18]  Jean-Jacques Quisquater,et al.  On Constructing Certificateless Cryptosystems from Identity Based Encryption , 2006, Public Key Cryptography.

[19]  C. Pandu Rangan,et al.  A note on the Certificateless Multi-receiver Signcryption Scheme , 2009, IACR Cryptol. ePrint Arch..

[20]  Kenneth G. Paterson,et al.  Efficient Identity-Based Signatures Secure in the Standard Model , 2006, ACISP.

[21]  Yi Mu,et al.  On the Security of Certificateless Signature Schemes from Asiacrypt 2003 , 2005, CANS.

[22]  Fagen Li,et al.  An Improved Certificateless Signature Scheme Secure in the Standard Model , 2008, Fundam. Informaticae.

[23]  Manuel Barbosa,et al.  Certificateless signcryption , 2008, ASIACCS '08.

[24]  C. Pandu Rangan,et al.  Efficient and Provably Secure Certificateless Multi-receiver Signcryption , 2008, ProvSec.