Li-Hong Guo,Hai-Tao Wu,Qing Yang

DOI: https://doi.org/10.2991/icwcsn-16.2017.32

2016-01-01

Abstract:Proxy signature schemes have been suggested for use in a number of applications, so the security of proxy signature scheme is more and more important. However, at present, almost all the proxy signature schemas were proven secure in the random oracle model, which has received a lot of criticism. Recently, Yu et al. proposed a designated verifier proxy signature scheme without random oracles by using Waters hashing technique. The formal models and a strictly logical process were provided in this schema. But Kang et al. show some attacks on Yu et al.s scheme and offer its insecurity proof. In this paper, in order to overcome the weaknesses in Yu et al.s scheme we make supplements on it and make it secure resist Kang et al.s attacks.

Mingwu Zhang,Tsuyoshi Takagi,Bo Yang,Fagen Li

DOI: https://doi.org/10.1587/transfun.e95.a.259

2012-01-01

Abstract:Strong designated verifier signature scheme (SDVS) allows a verifier to privately check the validity of a signature. Recently, Huang et al. first constructed an identity-based SDVS scheme (HYWS) in a stronger security model with non-interactive proof of knowledge, which holds the security properties of unforgeability, non-transferability, non-delegatability, and privacy of signer's identity. In this paper, we show that their scheme does not provide the claimed properties. Our analysis indicates that HYWS scheme neither resist on the designated verifier signature forgery nor provide simulation indistinguishability, which violates the security properties of unforgeability, non-delegatability and non-transferability.

XIA Qi,XU Chun-xiang

2009-01-01

Abstract:The security of Yang et al. verifiably encrypted signature schemes is analyzed.Although the scheme is proved security in the standard model,it is vulnerable to key substitution attack in a multi-user setting,where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users.A concrete instance of fair exchange of digital signature protocol is given to show that this kind attack can breach the fairness when they are used in fair exchange in a multi-user setting.

Shifeng Sun,Qiaoyan Wen,Zhengping Jin,Hua Zhang

DOI: https://doi.org/10.1109/isise.2010.47

2010-01-01

Abstract:Recently, several ID-based strong designated verifier signature schemes have been proposed in the literature. However, most of them can not satisfy the strong ness property that any third party without the designated verifier's private key is unable to check the validity of a designated verifier signature, and they are not given the rigorous security proofs. To solve those problems above, we put forward a new efficient ID-based strong designated verifier signature scheme in this paper which is strong, and rigorously proved secure in the random oracle model based on the Bilinear Diffie-Hellmanassumptions.

WU Huai,SUN Ying,XU Chun-xiang,WU Wei

DOI: https://doi.org/10.3969/j.issn.1001-0548.2013.06.022

2013-01-01

Abstract:The security of the identity-based ring signature scheme of [18] is analyzed in this paper. It is found that this scheme did not possess the unforgeability property. It is also shown that the proposed scheme is insecure against a new kind of forgery attack, i.e. the identity assembly forgery attack. With such an attack, an adversary is able to forge valid ring signatures on any message based on the features of its identity, and the identity of the adversary can be even not included in the ring of the forged signature.

秦志光,廖永建

DOI: https://doi.org/10.3969/j.issn.1001-0548.2009.05.033

2009-01-01

Abstract:Compared with ordinary digital signature,the designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party.In designated verifier signature scheme,no third party can even verify the validity of a designated verifier signature since it must use the designated verifier's secret key in verification.Recently,an ID-based strong designated verifier scheme,ID-based designated verifier proxy signature scheme,and partial cryptanalysis ware proposed.In this paper,we show that the designated verifier signature scheme is delegatable,and the designated verifier proxy signature is forgeable since construction of the proxy scheme is unreasonable.

Zhen Qin,Chen Yuan,Yilei Wang,Hu Xiong

DOI: https://doi.org/10.1016/j.ipl.2016.02.003

IF: 0.851

2016-01-01

Information Processing Letters

Abstract:ID-based signature enables users to verify signatures using only public identifier. Very recently, Rossi and Schmid (2015) [9] proposed two identity-based signature schemes along with the application to group communications. Unfortunately, by proposing concrete attack, we demonstrate that the former scheme is insecure against forgery attack, while the latter scheme has been totally broken in the sense that the signing key can be recovered from the valid signature easily.

Lei Niu,Changqing Zhang,Qi Xia,Yong Yu

DOI: https://doi.org/10.1504/ijics.2015.069212

2015-01-01

Abstract:Chang et al. proposed a new digital signature scheme with message recovery. However, several forgery attacks demonstrated that Chang et al.'s construction without using one-way hash functions and message redundancy is insecure. Nevertheless, it is unclear to see how to achieve the attacks. In this paper, more general forgery attacks are described to show clearly how to obtain these attacks. It is interesting that our general forgery covers all the known attacks.

Hu Xiong,YaNan Chen,GuoBin Zhu,ZhiGuang Qin

DOI: https://doi.org/10.1007/s11432-014-5152-2

2014-01-01

Science China Information Sciences

Abstract:To enjoy the property of error tolerance in the biometric identities extraction, the fuzzy identitybased signature has been initialized to issue a signature on behalf of a descriptive attributes set ω instead of a single string. Any attributes set ω′ can be used to verify the validity of the signature in case the distance between ω and ω′ is less than a pre-defined threshold. Recently, Wang re-formalized the notion of fuzzy identitybased signature and proposed a concrete pairing-based construction along with the efficiency analysis and formal security proof. Unfortunately, by giving concrete attack, we indicate that Wang’s scheme is not secure against forgery attack. We also present an improved scheme to prevent this attack.

Yang ZHAO,Feng YUE,Hu XIONG,Zhi-guang QIN

DOI: https://doi.org/10.3969/j.issn.1671-1122.2015.10.002

2015-01-01

Abstract:The designated verifier signature specifies a verifier to check the validity of the signature; any third party can not check it because the designated verifier is able to generate an indistinguishable signature from the signer’s signature. In ring signature scheme, the signer can sign the message on behalf of the ring anonymously, the veriifer can check the validity of the signature, but it cannot recognize which member of the ring has signed it. In order to ensure the signer’s identity privacy and that only the designated veriifer can check the authenticity of the signature, Wu propose a strong designated veriifer ID-based ring signature scheme through combining the designated veriifer signature and the ring signature. The scheme allows the signer to designate a veriifer and generate a designated veriifer ring signature. Through the analysis on Wu’s scheme, we ifgure out the scheme does not satisfy the attribute of non-delegatability in designated verifier signature scheme and describe the attack method in this paper. For the sake of avoiding the lfaw, this paper improves Wu’s scheme and makes it provably secure. In addition, according to the improved scheme, we propose a strong designated veriifer ring signcryption scheme providing authentication and conifdentiality simultaneously.

陈建华,叶胜男

DOI: https://doi.org/10.11896/jsjkx.201200117

2021-01-01

Computer Science

Abstract:Certificateless public key cryptosystem combines the advantages of identity-based cryptosystem and traditional PKI public key cryptosystem,overcomes the key escrow problem of identity-based public key cryptosystem and the certificate management problem of PKI system,and has obvious advantages.By analysing the security of a strongly secure certificateless signature scheme proposed by Hassouna,et al,it shows that the scheme cannot resist the attack of falsifying messages and do not use private key generated by system master key to sign.So it is not a certificateless signature scheme.On this basis,an improved certificateless signature scheme is proposed and it proves the scheme can resist the attack of the first class of strong adversaries and the second class of adversaries.In the random oracle model and under the assumption of the Diffie-Hellman problem of the elliptic curve,the improved scheme satisfies the existential forgery.

Tianjie Cao,Dongdai Lin

DOI: https://doi.org/10.1007/11599548_20

2005-01-01

Abstract:Digital signature scheme allows a user to sign a message in such a way that anyone can verify the signature, but no one can forge the signature on any other message. In this paper, we show that Xie and Yu’s threshold signature scheme, Huang and Chang’s threshold proxy signature scheme, Qian, Cao and Xue’s pairing-based threshold proxy signature scheme, Xue and Cao’s multi-proxy signature scheme and Zhou et al.’s proxy multi-signature scheme are all insecure against the forgery attacks.

Debiao He,Mingwu Zhang,Baowen Xu

DOI: https://doi.org/10.1093/comjnl/bxu097

2014-01-01

The Computer Journal

Abstract:Recently, Gu et al. proposed an efficient identity-based proxy signature scheme and demonstrated their scheme was provably secure in the standard model. In this paper, we show their scheme is not secure against the malicious user through proposing three concrete attacks.

Miaomiao Tian,Liusheng Huang,Wei Yang

DOI: https://doi.org/10.1504/ijict.2014.057968

2012-01-01

Abstract:Currently, short signature is receiving significant attention since it is particularly useful in low-bandwidth communication environments. However, most of the short signature schemes are only based on one intractable assumption. Recently, Su presented an identity-based short signature scheme based on knapsack and bilinear pairing. He claimed that the signature scheme is secure in the random oracle model. Unfortunately, in this paper, we show that his scheme is insecure. Concretely, an adversary can forge a valid signature on any message with respect to any identity in Su's scheme.

Ganglin Zhang,Yongjian Liao,Yu Fan,Yikuan Liang

DOI: https://doi.org/10.1109/access.2020.2964040

IF: 3.9

2020-01-01

IEEE Access

Abstract:Many sensitive data are generated by resource-limitation devices in the Vehicular ad hoc network (VANET). When these data are divulged, people 's life and property will be threatened. To solve these problems, Wei et al. proposed a lightweight privacy-preserving protocol based on RSA assumption for VANET and they claimed that their protocol was secure and low overhead. In this paper, first of all, we show that the basic signature scheme to be used in Wei et al.'s protocol is not secure, i.e., the user's private key will be revealed from the pairs of message-signatures, which causes the protocol to be insecure. We also show that our security analysis is feasible and effective in practice from the theory and experiments. Then we construct a new identity-based signature scheme based RSA assumption and prove it is existentially unforgeable under the chosen message attack without random oracle. Finally, we update the Wei et al.'s protocol and do some experiments to evaluate the efficiency of our scheme in the updated protocol.

CAO Tian-jie,LIN Dong-dai

DOI: https://doi.org/10.3321/j.issn:1008-9497.2006.04.010

2006-01-01

Abstract:LI and YANG proposed a message recovery signature scheme(LY scheme) based on both the discrete logarithm problem and the factorization problem.WU and LI proved that the security of the LY scheme is only based on the difficulty of factoring.To eliminate this weakness,they also proposed an improved scheme(WL scheme).However,the security of the improved scheme is not as secure as they have claimed.An attacker could generate a forged signature on the assumption when the factorization problem is solved.

Fagen Li,Yupu Hu

2008-01-01

Fundamenta Informaticae

Abstract:In 2006, Pomykala and Barabasz [Fundamenta Informaticae 69 (2006) 411-425] proposed an elliptic curve based threshold proxy signature scheme which requires shorter cryptographic keys. They claimed that their scheme satisfies the secrecy, the proxy protected, the unforgeability, the non-repudiation, and the known signers. However, in this paper, we show that their scheme cannot achieve the proxy protected, the unforgeability and the non-repudiation by demonstrating a conspiracy attack. In this attack, any t malicious proxy signers can collusively impersonate some other proxy signers to generate proxy signatures.

Yang Chen,Yang Zhao,Hu Xiong,Feng Yue

DOI: https://doi.org/10.6633/ijns.201707.19(4).10

2017-01-01

Abstract:The designated verifier signature only enables the designated verifier to check the correctness of the signature, while any third party can not verify whether this signature is valid or not. Most of the previous designated verifier signature schemes depend on certificate-based cryptography or identity-based cryptography, while little attention has been paid to the certificateless designated verifier signature scheme which has much more advantages than the previous constructions. In this paper, we propose the first certificateless strong designated verifier signature scheme with non-delegatability. We show that our scheme satisfies the basic properties of a designated verifier signature scheme and resists the two types of adversaries in certificateless cryptography. In addition, the comparison with other existing certificateless SDVS schemes demonstrates the proposed scheme is provided with a good level of security and performance.

Yong Yu,Chunxiang Xu,Xiaosong Zhang,Yongjian Liao

DOI: https://doi.org/10.1016/j.camwa.2009.01.032

IF: 3.218

2009-01-01

Computers & Mathematics with Applications

Abstract:In a designated verifier proxy signature scheme, one can delegate his or her signing capability to another user in such a way that the latter can sign messages on behalf of the former, but the validity of the resulting signatures can only be verified by the designated verifier. Several designated verifier proxy signature schemes have been proposed so far. However, most of the schemes were proven secure in the random oracle model, which has received a lot of criticism since the security proofs in the random oracle model are not sound with respect to the standard model. In this paper, we propose a new construction of designated verifier proxy signature whose security can be proven without using the random oracle model. Our scheme is inspired by Waters’ Identity-based encryption. The unforgeability of our scheme is based on the hardness of Gap Bilinear Diffie–Hellman problem. As far as we know, this is the first designated verifier proxy signature secure in the standard model.

Huai Wu,Chunxiang Xu,Jiang Deng,Jianbing Ni

2013-01-01

Journal of Computational Information Systems

Abstract:The technique of server-aided verification helps to speed up the verification of a digital signature. This is highly desirable for many low computation applications such as RFID, wireless network. Recently, Wu et al. proposed two server-aided verification signature schemes based on Waters signature. Unfortunately, we demonstrate that the two schemes are vulnerable to collusion attacks by giving concrete security analysis. Copyright © 2013 Binary Information Press.