Cryptanalysis of a certificateless aggregate signature scheme for mobile computation

Recently, Xiong et al. proposed an efficient certificateless aggregate signature (CLAS) scheme for mobile computation. They demonstrated that their scheme is provably secure in the random oracle model. Unfortunately, in this paper we give a concrete attack showing that Xiong et al.'s scheme is not secure at all: an adversary without the partial private key and the secret value could forge a legal message. Hence, Xiong et al.'s scheme is not feasible for practical applications.
