On the Security of a Certificateless Aggregate Signature Scheme

Certificateless cryptography eliminates the need of certificates in public key cryptosystems and solves the inherent key escrow problem in identity-based cryptosystems. An aggregate signature scheme is a signature scheme which allows to aggregate n signatures on n distinct messages from n distinct users into a single signature. Recently, Zhang and Zhang proposed a certificateless aggregate signature scheme provably secure in the random oracle model under the Computational Diffie-Hellman assumption. In this paper, we propose a novel fundamental security requirement for certificateless aggregate signature schemes, called coalition resistance, by presenting coalition attacks on Zhang-Zhang's scheme.

[1]  Joseph K. Liu,et al.  Self-Generated-Certificate Public Key Cryptography and certificateless signature/encryption scheme in the standard model: extended abstract , 2007, ASIACCS '07.

[2]  Bok-Min Goi,et al.  An Efficient Certificateless Signature Scheme , 2006, IACR Cryptol. ePrint Arch..

[3]  Kenneth G. Paterson,et al.  An Attack on a Certificateless Signature Scheme , 2006, IACR Cryptol. ePrint Arch..

[4]  Thomas Ristenpart,et al.  The Power of Proofs-of-Possession: Securing Multiparty Signatures against Rogue-Key Attacks , 2007, EUROCRYPT.

[5]  Duncan S. Wong,et al.  Certificateless Public-Key Signature: Security Model and Efficient Construction , 2006, ACNS.

[6]  Xiaotie Deng,et al.  Key Replacement Attack Against a Generic Construction of Certificateless Signature , 2006, ACISP.

[7]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[8]  Alexandra Boldyreva,et al.  Efficient threshold signature , multisignature and blind signature schemes based on the Gap-Diffie-Hellman-group signature scheme , 2002 .

[9]  S. Micali,et al.  Accountable-Subgroup Multisignatures , 2001 .

[10]  Yi Mu,et al.  On the Security of Certificateless Signature Schemes from Asiacrypt 2003 , 2005, CANS.

[11]  Yi Mu,et al.  Malicious KGC attacks in certificateless cryptography , 2007, ASIACCS '07.

[12]  Dong Hoon Lee,et al.  Efficient Certificateless Signature Schemes , 2007, ACNS.

[13]  Ashutosh Saxena,et al.  An Efficient Certificateless Signature Scheme , 2005, CIS.

[14]  Pil Joong Lee,et al.  Generic Construction of Certificateless Signature , 2004, ACISP.

[15]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[16]  Lei Zhang,et al.  A new certificateless aggregate signature scheme , 2009, Comput. Commun..

[17]  Dengguo Feng,et al.  Key Replacement Attack on a Certificateless Signature Scheme , 2006, IACR Cryptol. ePrint Arch..

[18]  Xiangxue Li,et al.  Certificateless signature and proxy signature schemes from bilinear pairings , 2005 .

[19]  Xiaotie Deng,et al.  Certificateless signature: a new security model and an improved generic construction , 2007, Des. Codes Cryptogr..

[20]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .