Two Notes on the Security of Certificateless Signatures

  • Rafael Castro
  • Ricardo Dahab
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4784)


We discuss two common pitfalls found in proofs of security of various certificateless signature (CLS) schemes. As a result of the first observation, we are able to show that a CLS scheme ([Goy06]), previously thought to be secure, is vulnerable to a key replacement attack. We then proceed to define a class of CLS schemes whose security is provable by standard techniques, leading to a more efficient version of a known CLS scheme ([ARP03]) and a (previously unknown) security proof for another ([LCS05]).


Keywords: Certificateless Public-Key Cryptography; Forking Lemma; Signature Schemes




  1. [ARP03]
    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
  2. [BF01]
    Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
  3. [BLMQ05]
    Barreto, P.S.L.M., Libert, B., McCullagh, N., Quisquater, J.-J.: Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 515–532. Springer, Heidelberg (2005)
  4. [CC03]
    Cha, J.C., Cheon, J.H.: An identity-based signature from gap Diffie-Hellman groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2002)
  5. [CPHL07]
    Choi, K.Y., Park, J.H., Hwang, J.Y., Lee, D.H.: Efficient certificateless signature schemes. In: Katz, Yung (eds.) [KY07], pp. 443–458
  6. [Den06]
    Dent, W.A.: A survey of certificateless encryption schemes and security models. Cryptology ePrint Archive, Report 2006/211 (2006)
  7. [DW07]
    Du, H., Wen, Q.: Efficient and provably-secure certificateless short signature scheme from bilinear pairings. Cryptology ePrint Archive, Report 2007/250 (2007)
  8. [FS87]
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
  9. [GMR88]
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281–308 (1988)
  10. [Goy06]
    Goya, G.H.: Proposta de esquemas de criptografia e de assinatura sob modelo de criptografia de chave pública sem certificado. Master’s thesis, USP (2006)
  11. [GS05]
    Gorantla, M.C., Saxena, A.: An efficient certificateless signature scheme. In: Hao, Y., Liu, J., Wang, Y.-P., Cheung, Y.-m., Yin, H., Jiao, L., Ma, J., Jiao, Y.-C. (eds.) CIS 2005. LNCS (LNAI), vol. 3802, pp. 110–116. Springer, Heidelberg (2005)
  12. [HSMZ05]
    Huang, X., Susilo, W., Mu, Y., Zhang, F.: On the security of certificateless signature schemes from Asiacrypt 2003. In: Desmedt, Y., Wang, H., Mu, Y., Li, Y. (eds.) CANS 2005. LNCS, vol. 3810, pp. 13–25. Springer, Heidelberg (2005)
  13. [HWZD06]
    Hu, B.C., Wong, D.S., Zhang, Z., Deng, X.: Key replacement attack against a generic construction of certificateless signature. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 235–246. Springer, Heidelberg (2006)
  14. [HWZD07]
    Hu, B.C., Wong, D.S., Zhang, Z., Deng, X.: Certificateless signature: a new security model and an improved generic construction. Des. Codes Cryptography 42(2), 109–126 (2007)
  15. [KY07]
    Katz, J., Yung, M.: Applied Cryptography and Network Security. In: ACNS 2007. Proceedings 5th International Conference, Zhuhai, China, June 5-8, 2007. LNCS, vol. 4521, Springer, Heidelberg (2007)
  16. [LAS06]
    Liu, J.K., Au, M.H., Susilo, W.: Self-generated-certificate public key cryptography and certificateless signature / encryption scheme in the standard model. Cryptology ePrint Archive, Report 2006/373 (2006)
  17. [LCS05]
    Li, X., Chen, K., Sun, L.: Certificateless signature and proxy signature schemes from bilinear pairings. Lithuanian Mathematical Journal 45(1), 76–83 (2005)
  18. [PS00]
    Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. Journal of Cryptology: the journal of the International Association for Cryptologic Research 13(3), 361–396 (2000)
  19. [Sch91]
    Schnorr, C.P.: Efficient signature generation for smart cards. Journal of Cryptology 4(3), 239–252 (1991)
  20. [Sha85]
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
  21. [TGO]
    Terada, R., Goya, D.H., Okamoto, E.: A certificateless signature scheme based on bilinear pairing functions. In: SCIS 2007. Symposium on Cryptography and Information Security, Japan (2007)
  22. [YCHG07]
    Yap, W.-S., Chow, S.S.M., Heng, S.-H., Goi, B.-M.: Security mediated certificateless signatures. In: Katz, Yung (eds.) [KY07], pp. 459–477 (2007)
  23. [YHG06]
    Yap, W.-S., Heng, S.-H., Goi, B.-M.: An efficient certificateless signature scheme. In: Zhou, X., Sokolsky, O., Yan, L., Jung, E.-S., Shao, Z., Mu, Y., Lee, D.C., Kim, D., Jeong, Y.-S., Xu, C.-Z. (eds.) Emerging Directions in Embedded and Ubiquitous Computing. LNCS, vol. 4097, pp. 322–331. Springer, Heidelberg (2006)
  24. [ZF06]
    Zhang, Z., Feng, D.: Key replacement attack on a certificateless signature scheme. Cryptology ePrint Archive, Report 2006/453 (2006)
  25. [ZWXF06]
    Zhang, Z., Wong, D.S., Xu, J., Feng, D.: Certificateless public-key signature: Security model and efficient construction. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 293–308. Springer, Heidelberg (2006)

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Rafael Castro (UNICAMP, Brazil)
  • Ricardo Dahab (UNICAMP, Brazil)
