Strongly Unforgeable Certificateless Signature Resisting Attacks from Malicious-But-Passive KGC

In digital signature, strong unforgeability requires that an attacker cannot forge a new signature on any previously signed/new messages, which is attractive in both theory and practice. Recently, a strongly unforgeable certificateless signature (CLS) scheme without random oracles was presented. In this paper, we firstly show that the scheme fails to achieve strong unforgeability by forging a new signature on a previously signed message under its adversarial model. Then, we point out that the scheme is also vulnerable to the malicious-but-passive key generation center (MKGC) attacks. Finally, we propose an improved strongly unforgeable CLS scheme in the standard model. The improved scheme not only meets the requirement of strong unforgeability but also withstands the MKGC attacks. To the best of our knowledge, we are the first to prove a CLS scheme to be strongly unforgeable against the MKGC attacks without using random oracles.

[1]  Brent Waters,et al.  Strongly Unforgeable Signatures Based on Computational Diffie-Hellman , 2006, Public Key Cryptography.

[2]  Da Li,et al.  Certificateless Signature Scheme without Random Oracles , 2009, ISA.

[3]  Chenhui Wang,et al.  Certificateless signature scheme with security enhanced in the standard model , 2014, Inf. Process. Lett..

[4]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[5]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[6]  Duncan S. Wong,et al.  Certificateless Public-Key Signature: Security Model and Efficient Construction , 2006, ACNS.

[7]  Sherman S. M. Chow,et al.  Security Mediated Certificateless Signatures , 2007, ACNS.

[8]  Yi Mu,et al.  Certificateless Threshold Ring Signature , 2009, Inf. Sci..

[9]  Jian Weng,et al.  Security Mediated Certificateless Signatures Without Pairing , 2010, J. Comput..

[10]  Yi Mu,et al.  Malicious KGC attacks in certificateless cryptography , 2007, ASIACCS '07.

[11]  Ying-Hao Hung,et al.  Certificateless Signature with Strong Unforgeability in the Standard Model , 2015, Informatica.

[12]  Qiaoyan Wen,et al.  Provably secure and efficient certificateless signature in the standard model , 2015, Int. J. Inf. Commun. Technol..

[13]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[14]  Yi Liu,et al.  Efficient and secure certificateless signature scheme in the standard model , 2017, Int. J. Commun. Syst..

[15]  Sébastien Canard,et al.  An Efficient Certificateless Signature Scheme in the Standard Model , 2016, ICISS.

[16]  Yi Mu,et al.  Improved certificateless signature scheme provably secure in the standard model , 2012, IET Inf. Secur..

[17]  Pil Joong Lee,et al.  Generic Construction of Certificateless Signature , 2004, ACISP.

[18]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[19]  Joseph K. Liu,et al.  Self-Generated-Certificate Public Key Cryptography and certificateless signature/encryption scheme in the standard model: extended abstract , 2007, ASIACCS '07.

[20]  Fagen Li,et al.  An Improved Certificateless Signature Scheme Secure in the Standard Model , 2008, Fundam. Informaticae.

[21]  Yi Mu,et al.  Certificateless Signature Revisited , 2007, ACISP.

[22]  Bok-Min Goi,et al.  An Efficient Certificateless Signature Scheme , 2006, IACR Cryptol. ePrint Arch..

[23]  Kenneth G. Paterson,et al.  Efficient Identity-Based Signatures Secure in the Standard Model , 2006, ACISP.

[24]  Takeshi Okamoto,et al.  Strongly Unforgeable ID-Based Signatures without Random Oracles , 2009, ISPEC.