Abstract
The concept of proxy signature was introduced by Mambo et al. to delegate signing capability in the digital world. In this paper, we show that three existing proxy signature schemes without certificates, namely, the Qian and Cao identity-based proxy signature (IBPS) scheme, the Guo et al. IBPS scheme and the Li et al. certificateless proxy signature (CLPS) scheme are insecure against universal forgery. More precisely, we show that any user who has a valid public-private key pair can act as a cheating proxy signer and forge the proxy signature on behalf of the original signer at will, without obtaining the official delegation from the original signer.
The authors gratefully acknowledge the Malaysia IRPA grant (04-99-01-00003-EAR) and e-Science fund (01-02-01-SF0032).
References
Al-Riyami, S.S., Paterson, K.G.: Certificateless Public Key Cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
Bakker, A., Steen, M., Tanenbaum, A.S.: A Law-abiding Peer-To-Peer Network for Free-Software Distribution. In: Proceedings of NCA 2001, pp. 60–67. IEEE Computer Society Press, Los Alamitos (2001)
Boldyreva, A., Palacio, A., Warinschi, B.: Secure Proxy Signature Schemes for Delegation of Signing Rights. Cryptography ePrint Archive, http://eprint.iacr.org/2003/096
Cha, J., Cheon, J.: An Identity-Based Signature from Gap Diffie-Hellman Groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2002)
Chow, S.S.M., et al.: Identity-Based Delegation Network. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 99–115. Springer, Heidelberg (2005)
Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)
Foster, I., et al.: A Security Architecture for Computational Grids. In: Proceedings of CCS 1998, pp. 83–92. ACM Press, New York (1998)
Goldwasser, S., Micali, S., Rivest, R.: A Digital Signature Scheme Secure against Adaptive Chosen-Message Attacks. SIAM Journal of Computing 17(2), 281–308 (1988)
Gu, C., Zhu, Y.: Provable Security of ID-Based Proxy Signature Schemes. In: Lu, X., Zhao, W. (eds.) ICCNMC 2005. LNCS, vol. 3619, pp. 1277–1286. Springer, Heidelberg (2005)
Gu, C., Zhu, Y.: An Efficient ID-Based Proxy Signature Scheme from Pairings. Cryptology ePrint Archive, http://eprint.iacr.org/2006/158
Guo, S., Cao, Z., Lu, R.: An Efficient ID-Based Multi-Proxy Multi-Signature Scheme. In: Proceedings of IMSCCS 2006, vol. 2, pp. 81–88. IEEE Computer Society Press, Los Alamitos (2006)
Hess, F.: Efficient Identity Based Signature Schemes based on Pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)
Huang, X., et al.: On the Security of Certificateless Signature Schemes from Asiacrypt 2003. In: Desmedt, Y.G., et al. (eds.) CANS 2005. LNCS, vol. 3810, pp. 13–25. Springer, Heidelberg (2005)
Kim, S., Park, S., Won, D.: Proxy Signatures, Revisited. In: Han, Y., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 223–232. Springer, Heidelberg (1997)
Lee, B., Kim, H., Kim, K.: Strong Proxy Signature and Its Applications. In: Proceedings of SCIS 2001, vol. 2/2, pp. 603–608 (2001)
Lee, B., Kim, H., Kim, K.: Secure Mobile Agent Using Strong Non-Designated Proxy Signature. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 474–486. Springer, Heidelberg (2001)
Li, X., Chen, K., Sun, L.: Certificateless Signature and Proxy Signature Schemes from Bilinear Pairings. Lithuanian Mathematical Journal 45(1), 76–83 (2005)
Mambo, M., Usuda, K., Okamoto, E.: Proxy Signatures: Delegation of the Power to Sign Messages. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E79-A(9), 1338–1354 (1996)
Okamoto, T., Tada, M., Okamoto, E.: Extended Proxy Signatures for Smart Cards. In: Zheng, Y., Mambo, M. (eds.) ISW 1999. LNCS, vol. 1729, pp. 247–258. Springer, Heidelberg (1999)
Pointcheval, D., Stern, J.: Security Proofs for Signature Schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)
Qian, H., Cao, Z.: A Novel ID-Based Partial Delegation with Warrant Proxy Signature Scheme. In: Chen, G., et al. (eds.) ISPA-WS 2005. LNCS, vol. 3759, pp. 323–331. Springer, Heidelberg (2005)
Shamir, A.: Identity Based Cryptosystems and Signature Scheme. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Sun, H.-M., Hsieh, B.-T.: On the Security of Some Proxy Signature Schemes. Cryptology ePrint Archive, http://eprint.iacr.org/2003/068
Wang, Q., Cao, Z.: Efficient ID-Based Proxy Signature and Proxy Signcryption from Bilinear Pairings. In: Hao, Y., et al. (eds.) CIS 2005. LNCS (LNAI), vol. 3802, pp. 167–172. Springer, Heidelberg (2005)
Wang, G., et al.: Security Analysis of Some Proxy Signatures. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 305–319. Springer, Heidelberg (2004)
Xu, J., Zhang, Z., Feng, D.: ID-Based Proxy Signature Using Bilinear Pairings. In: Chen, G., et al. (eds.) ISPA-WS 2005. LNCS, vol. 3759, pp. 359–367. Springer, Heidelberg (2005)
Yoon, H.J., Cheon, J.H., Kim, Y.: A New Identity-Based Signature Scheme with Batch Verification. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 233–248. Springer, Heidelberg (2005)
Zhang, F., Kim, K.: Efficient ID-Based Blind Signature and Proxy Signature from Bilinear Pairing. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 312–323. Springer, Heidelberg (2003)
Zhang, K.: Threshold Proxy Signature Schemes. In: Okamoto, E. (ed.) ISW 1997. LNCS, vol. 1396, pp. 272–290. Springer, Heidelberg (1998)
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Yap, WS., Heng, SH., Goi, BM. (2007). Cryptanalysis of Some Proxy Signature Schemes Without Certificates. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, JJ. (eds) Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems. WISTP 2007. Lecture Notes in Computer Science, vol 4462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72354-7_10
DOI: https://doi.org/10.1007/978-3-540-72354-7_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72353-0
Online ISBN: 978-3-540-72354-7
eBook Packages: Computer Science, Computer Science (R0)