Security Analysis and Improvements of Certificateless Aggregate Signature Schemes
Zhang Yu-lei① Li Chen-yi① Wang Cai-fen① Zhang Yong-jie②
①(College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China) ②(Gansu Health Vocational College, Lanzhou 730000, China)
The security of certificateless signature scheme which was proposed by He et al. (2014) is analyzed, and the security of the certificateless aggregate signature scheme which was proposed by Ming et al. (2014) is analyzed too. It is pointed out that the Key Generation Center (KGC) can realize the passive attacks in the Ming’s scheme. It is also pointed out that KGC can realize the passive attack and initiative attack respectively in the Nimg’s scheme. The processes of concrete forgery attacks which perfored by KGC are shown, and the possible reasons are analyzed. Finally, two improved Ming’s schemes are proposed. The improved schemes not only overcome the security problem of original scheme but also have an advantage that the length of aggregated signature is fixed.
Alriyami S S and Paterson K G. Certificateless public key cryptography[C]. Proceedings of the Cryptology-Asiacrypt, Taipei, China, 2003: 452-474.
[2]
Liu Jing-wei, Zhang Zong-hua, and Chen Xiao-feng. Certificateless remote anonymous authentication schemes for wireless body area networks[J]. IEEE Transactions on Parallel & Distributed Systems, 2014, 25(2): 332-342.
Guang Yan, Gu Chun-xiang, Zhu Yue-fei, et al.. Certificateless fully homomorphic encryption based on LWE problem[J]. Journal of Electronics & Information Technology, 2013, 35(4): 988-993.
[4]
Zhang Lei, Wu Qian-hong, Josep Domingo-Ferrerc, et al.. Signatures in hierarchical certificateless cryptography: efficient constructions and provable security[J]. Information Sciences, 2014, 272: 223-237.
[5]
Boneh D, Gentry C, Lynn B, et al.. Aggregate and verifiably encrypted signatures from bilinear maps[C]. Proceedings of the Cryptology-Eurocrypt, Warsaw, Poland, 2003: 416-432.
[6]
Xiong Hu, Guan Zhi, Chen Zhong, et al.. An efficient certificateless aggregate signature with const pairing computations[J]. Information Sciences, 2013, 219: 225-235.
[7]
He De-biao, Tian Miao-miao, and Chen Jian-hua. Insecurity of an ef?cient certi?cateless aggregate signature with constant pairing computations [J]. Information Sciences, 2014, 268: 458-462.
Ming Yang, Zhao Xiang-mo, and Wang Yu-ming. Certificateless aggregate signature scheme[J]. Journal of University of Electronic Science and Technology of China, 2014, 43(2): 188-193.
[9]
Gong Zheng, Long Yu, Hong Xuan, et al.. Two certificateless aggregate signatures from bilinear maps [C]. Proceedings of Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Qingdao, China, 2007: 188-193.
[10]
Zhang Lei and Zhang Fu-tai. A new certificateless aggregation signature shceme[J]. Computer Communications, 2009, 32(6): 1079-1085.
[11]
Au Man-ho, Mu Yi, Chen Jing,et al.. Malicious KGC attack in certificateless cryptography[C]. Proceedings of the ASIACCS2007, New York, USA, 2007: 302-311.