Li-Hong Guo,Hai-Tao Wu,Qing Yang

DOI: https://doi.org/10.2991/icwcsn-16.2017.32

2016-01-01

Abstract:Proxy signature schemes have been suggested for use in a number of applications, so the security of proxy signature scheme is more and more important. However, at present, almost all the proxy signature schemas were proven secure in the random oracle model, which has received a lot of criticism. Recently, Yu et al. proposed a designated verifier proxy signature scheme without random oracles by using Waters hashing technique. The formal models and a strictly logical process were provided in this schema. But Kang et al. show some attacks on Yu et al.s scheme and offer its insecurity proof. In this paper, in order to overcome the weaknesses in Yu et al.s scheme we make supplements on it and make it secure resist Kang et al.s attacks.

Qi Xie,Guilin Wang,Fubiao Xia,Deren Chen

DOI: https://doi.org/10.1002/cpe.3058

2013-01-01

Concurrency and Computation Practice and Experience

Abstract:By integrating self-certified public-key systems and the designated verifier proxy signature with message recovery, Wu and Lin proposed the first self-certified proxy convertible authenticated encryption (SP-CAE) scheme and its variants based on discrete logarithm problem (DLP) in 2009. Though their schemes are claimed provably secure, we demonstrate that their schemes are existentially forgeable under adaptive chosen warrants, unconfidentiable and verifiable under adaptive chosen messages and designated verifiers. Then we propose a provably secure SP-CAE scheme in the random oracle model.

Jianhong Zhang,Yuehai Wang

2019-01-01

Abstract:.As a significant cryptographical primitive, proxy re-signature(PRS) technique is broadly applied to distributed computation, copyright transfer and hidden path transfer because it permits that a proxy translates an entity’s signature into the other entity’s signature on the identical data. Recently, to discard time-consuming pairing operator and intricate certificate-maintenance, Wang et al. proposed two efficient pairing-free ID-based PRS schemes, and declared that their schemes were provably secure in the ROM. Very unluckily, in this investigation, we point out that Wang et al.’s schemes suffer from attacks of universal forgery by analysing their security, i.e., anyone can fabricate a signature on arbitrary file. After the relevant attacks are shown, the reasons which result in such attacks is analyzed. Finally, we discuss the corresponding improved method. Key–Words: ID-based PRS, integer factorization problem, universal forgeability, security attack

Jie XU,Hong-xiang SUN,Qiao-yan WEN,Hua ZHANG

DOI: https://doi.org/10.1016/s1005-8885(11)60288-4

2012-01-01

The Journal of China Universities of Posts and Telecommunications

Abstract:Multi-proxy signature is a scheme that an original signer delegates his or her signing capability to a proxy group. In the scheme, only the cooperation of all proxy signers in the proxy group can create a signature on behalf of the original signer. Jin and Wen firstly defined the formal security model of certificateless multi-proxy signature (CLMPS) and proposed a concrete CLMPS scheme. However, their construction has three problems: the definition of the strengthened security model is inaccurate, the concrete signature scheme has a security flaw, and the proof of the security is imperfect. With further consideration, a remedial strengthened security model is redefined, and an improved scheme is also proposed, which is existentially unforgeable against adaptively chosen-warrant, chosen-message and chosen-identity attacks in the random oracles. In this condition, the computational Diffie-Hellman (CDH) assumption is used to prove full security for our CLMPS scheme.

Qi XIE,XiuYuan YU,WenHao LIU,DeRen CHEN,GuiLin WANG,JiYi WU

DOI: https://doi.org/10.1360/112011-915

2012-01-01

Scientia Sinica Informationis

Abstract:Mutual authentication between the user and the public cloud is essential requirement for the user to access the public cloud in cloud computing. In 2011, Juang et al. proposed a first authentication scheme based on proxy signature. The advantage of the scheme is that the user only needs to register on his home service cloud (HSC), and can pass through the authentication of the public cloud with the help of his HSC. However, their scheme has three weaknesses: 1) the users HSC needs to update the users public key in each session to protect the users privacy; 2) HSC may suffer from network jam when many users in the same HSC need to register on different public clouds simultaneously; and 3) a secret key should be shared between HSC and visiting cloud. To overcome these weaknesses, a provably secure convertible proxy signcryption for privacy preserving is proposed. Based on this scheme, a novel one-round authentication protocol is proposed, which the user only needs to register on his HSC, and can pass through the authentication of the visiting cloud without the help of his HSC. On the other hand, the proposed protocol can provide some nice properties, such as user privacy protection, non-repudiation, without updating the users public key, and secret key does not have to be shared between HSC and visiting cloud. In addition, the proposed scheme is provably secure in the random oracle model, and is more efficient than Juang et al.s scheme.

XIE Qi,WU JiYi,WANG GuiLin,CHEN DeRen,YU XiuYuan

2012-01-01

Abstract:Mutual authentication between the user and the public cloud is essential requirement for the user to access the public cloud in cloud computing.In 2011,Juang et al.proposed a first authentication scheme based on proxy signature.The advantage of the scheme is that the user only needs to register on his home service cloud(HSC),and can pass through the authentication of the public cloud with the help of his HSC.However, their scheme has three weaknesses:1)the user’s HSC needs to update the user’s public key in each session to protect the user’s privacy;2)HSC may suffer from network jam when many users in the same HSC need to register on different public clouds simultaneously;and 3)a secret key should be shared between HSC and visiting cloud.To overcome these weaknesses,a provably secure convertible proxy signcryption for privacy preserving is proposed.Based on this scheme,a novel one-round authentication protocol is proposed,which the user only needs to register on his HSC,and can pass through the authentication of the visiting cloud without the help of his HSC.On the other hand,the proposed protocol can provide some nice properties,such as user privacy protection, non-repudiation,without updating the user’s public key,and secret key does not have to be shared between HSC and visiting cloud.In addition,the proposed scheme is provably secure in the random oracle model,and is more efficient than Juang et al.’s scheme.

吴晨煌,梁红梅,陈智雄,王海明

DOI: https://doi.org/10.3969/j.issn.1008-7826.2009.01.008

2009-01-01

Abstract:In this paper,we analyze the efficient ID-based certificateless signature scheme proposed by Liu Jing-wei etc.,and point out that their scheme is insecure.The certificateless signature scheme can suffer from public key replacement attack so that any one can forge a valid signature on any message.Finally,an improved scheme is proposed,whose security is based on the CDH problem.

Chenao Hu,Wei Shimin,Zhu Chang-jie,Yang Yi

Abstract:Proxy ring signature,which enables a proxy signer to anonymously sign a message on behalf the original signer,has many advantages.This paper firstly proposed the strongest security model of certificateless proxy ring signature schemes and gave an efficient construction of certificateless proxy ring signature scheme using bilinear maps,with rigorous security proofs in the proposed strongest security model.The security of the scheme was based on the infeasibility of the computational Diffie-Hellman problem.The analysis shows that the new scheme satisfies the security requirements such as unconditional anonymity,strong unforgeability for a proxy ring signature scheme.Due to its security,efficiency and free of certificate management,it may have practical applications in electronic government affairs and mobile agent systems,etc.

Computer Science

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.48550/arXiv.1110.4196

2011-10-19

Cryptography and Security

Abstract:A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer. Proxy signature schemes have found numerous practical applications such as grid computing, mobile agent systems and cloud applications. Recently, Jiang et al. proposed the first lattice-based proxy signature scheme and claimed that their scheme provides all the security properties of a secure proxy signature scheme. However, in this paper, we disprove their claim and show that an original signer is able to forge a proxy signature on any message.

Jianqing Fu,Jian Chen,Rong Fan,XiaoPing Chen,Lingdi Ping

DOI: https://doi.org/10.1109/wcse.2009.731

2009-01-01

Abstract:With the widespread use of mobile devices, authentication and privacy of identification become important issues. We analyzed the security flaws and shortcomings of a delegation-based authentication protocol which was proposed by Caimu Tang, et al., and provided an improved protocol. We use elliptic-curve cryptography and hash chain to ensure the safety of system in our scheme. The research results reveal that the improved protocol can not only corrects the security flaws but also improve the efficiency of key management and reduce the computational load.

Hu Xiong,Jianbin Hu,Zhong Chen,Fagen Li

DOI: https://doi.org/10.1016/j.compeleceng.2011.01.006

IF: 4.152

2011-01-01

Computers & Electrical Engineering

Abstract:In a multi-proxy signature scheme, an original signer could authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy group can generate the proxy signatures on behalf of the original signer. Recently, Cao and Cao gave the first formal definition and security model of an identity-based multi-proxy signature scheme, then proposed an identity-based multi-proxy signature scheme from bilinear pairings and proved its security in their security model. Although they proved that their scheme is secure under this model, we disprove their claim and show that their scheme is not secure. We also present a simple fix to prevent this attack.

Jia-Zhu Dai,Xiao-Hu Yang,Jinxiang Dong

DOI: https://doi.org/10.1145/986537.986584

2004-01-01

Abstract:ABSTRACTProxy signatures are signature schemes that a signer (called original signer) delegates his signing capability to other people (called proxy signer), and the proxy signer creates signatures on behalf of the original signer. In application such as electronic voting and electronic commerce, the privacy may be concerned by the original signer. The original signer may hope that the proxy signers can sign on behalf of him without knowing the content of the signed message. Few efforts have been put on privacy protection of original signer in existed proxy signature schemes. In this paper, a privacy-protecting proxy signature scheme is proposed. In this scheme, the messages the original signer entrust to the proxy signer to sign on behalf of him are secret from the proxy signer during the generation of the proxy signature and from other people except the receiver designated by the original signer. Therefore, the privacy of the original signer is protected. The security of the proposed signature scheme is analyzed and its application to electronic voting is described.

WANG Shu-Hong,WANG Gui-lin,BAO Feng,WANG Jie

DOI: https://doi.org/10.1360/jos160911

2005-01-01

Journal of Software

Abstract:Proxy signature allows an original signer to delegate his/her signing capability to a proxy signer such that the proxy signer can sign messages on behalf of the original signer. Blind signature allows a user to have a given message signed by the signer without revealing any information about the message. By using Schnorr blind signature, Tan et al. recently proposed a digital proxy blind signature scheme. They claimed that it satisfies the security properties of both blind signatures and proxy signatures. However, it is not the fact. This paper shows that the proposed scheme is vulnerable to universal forgery as well as linkability attacks. It also explains why their proofs of the security are incorrect.

Xuan Hong,Jianhua Gao,Jianguo Pan,Bo Zhang

DOI: https://doi.org/10.1007/s10586-017-1074-2

2017-01-01

Cluster Computing

Abstract:In proxy re-signature scheme, the semi-trust proxy is given special information to convert user A’s signature into another user B’s signature on the same message m. This has numerous application, such as simplifying the certificate management by constructing a secure channel between two authentication centers, simplifying group signature management by making each signature transformed to the group’s signature, helping relieve some common key management headaches by resigning without the authentication center, and constructing digital right management (DRM) interoperable system by sharing the certification. In this paper, we proposed a novel proxy re-signature scheme with universally composable security. The proposed scheme is unidirectional, single-use, key optimal, non-transitive and non-temporary. Its security is based on Computational Diffie–Hellman assumption in the random oracle model. Furthermore, we present the universal composable based security definition of proxy re-signature, as well as the equivalent game based definition. If a scheme is proved to be safe in our game, it will have the universally composable property, which will simplify the future security analysis. Finally, we support the proposed scheme with detailed security and performance analysis.

FU Xiao-tong,LU Ming-xin,XIAO Guo-zhen

DOI: https://doi.org/10.3969/j.issn.1001-2400.2005.05.026

2005-01-01

Journal of Xidian University

Abstract:We propose a forgery attack on a proxy blind signature scheme proposed by Tan et al.By using the forgery attack,a dishonest original signer can forge the proxy signing key and produce valid proxy blind signatures.By successfully identifying the forgery attack,we show that their scheme is insecure.Furthermore,to improve Tan et al's scheme,we propose an improved proxy blind signature scheme.

Zirui Qiao,Yanwei Zhou,Bo Yang,Mingwu Zhang,Tao Wang,Zhe Xia

DOI: https://doi.org/10.1109/jsyst.2021.3131589

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:To improve the security of industrial Internet of things (IIoT), several concrete constructions of certificate-based proxy signature (CBPS) scheme without bilinear pairing were proposed in the last few years. However, many previous constructions were found impractical, either fail to meet the claimed security properties or contain design flaws. In particular, in some instances, a malicious proxy signer can claim to be the original signer by forwarding the messages from original signer to any proxy signer, and the receiver cannot determine whether the delegation of signing power has been reused. In this article, we first demonstrate some security issues and design flaws in the previous proposals of CBPS scheme. As follows, to further address the above deficiencies, three new constructions of CBPS scheme with improved security are introduced. In the first two proposals, the delegation validity can be verified by the designated verifier (proxy signer), and the delegation of signing power for the last construct is publicly verifiable (any signer). Furthermore, formal security proofs are given using forking lemma in the random oracle, assuming that the discrete logarithm problem is hard. Compared with the previous CBPS schemes, our constructions are efficient with respect to computation and communication. Finally, we discuss the two necessary conditions for constructing secure CBPS schemes, to avoid security flaws in future research.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Cao Hao

Abstract:By analyzing the existing proxy ring signature schemes,we found that most of these schemes used costly pairings.To resolve the problem,we propose a certificateless proxy ring signature scheme without pairings.The scheme avoids key-escrow in ID-based cryptosystem,eliminates certificate-existence in certificate-based cryptosystem,realizes signer-ambiguity and proxy signer-ambiguity.Moreover,the scheme has costless computation,high security,and no using pairings.It is more convenient to use.

Computer Science

Juanli Sun,Junyi Wei,Ping Wei

DOI: https://doi.org/10.1109/iccsn.2011.6013641

2011-05-01

Abstract:Bsaed on certificateless public cryptosystem and forward-secure, a forward-secure certificateless proxy blind signature scheme was proposed. This new scheme is forward-secure by updating secret key frequently. We can reduce the loss of the key exposure problem. And it also overcame the problem of certificate management in the certificate-based public key cryptosystem and the inherent key escrow problem in the identity-based public key cryptosystem.

Sun Mei

Abstract:This paper puts forward an efficient construction of certificateless proxy signature scheme using bilinear maps.The security of this scheme is based on the infeasibility of the computational Diffie-Hellman problem and is formally proven in the strongest security model of certificateless proxy signature schemes.The analysis shows that this new scheme satisfies the security requirements such as verifiability,strong undeniability,strong identifiability and prevention of misuse for a proxy signature scheme.Due to its security,high efficiency and free of certificate management,it may have practical applications in electronic commerce and mobile agent systems,etc.

Mathematics,Computer Science

LV Xin,WANG Zhi-jian,XU Feng

DOI: https://doi.org/10.3778/j.issn.1002-8331.2010.19.024

2010-01-01

Abstract:Aiming to problems about security and performance exist in many proposed threshold proxy schemes.The bilinear pairings are introduced to signature scheme.A chameleon threshold proxy signature scheme based on bilinear pairings is presented combined with chamelen signature,which can resolve the security problems existing in many proposed scheme,furthermore,satisfy all security attributes with which the strongly-secure threshold proxy signature scheme should be provided,it can resist many different kinds of possible attacks.