Abstract
A proxy signature scheme allows an entity to delegate his/her signing capability to another entity in such a way that the latter can sign messages on behalf of the former. Such schemes have been suggested for use in a number of applications, particularly in distributed computing where delegation of rights is quite common. Followed by the first schemes introduced by Mambo, Usuda and Okamoto in 1996, a number of new schemes and improvements have been proposed. In this paper, we present a security analysis of four such schemes newly proposed in [14, 15]. By successfully identifying several interesting forgery attacks, we show that these four schemes all are insecure. Consequently, the fully distributed proxy scheme in [11] is also insecure since it is based on the (insecure) LKK scheme [13, 14]. In addition, we point out the reasons why the security proofs provided in [14] are invalid.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Adams, C., Farrell, S.: Internet X.509 public key infrastructure: Certificate management protocols. RFC 2510 (March 1999)
Ai-Ibrahim, M., Cerny, A.: Proxy and threshold one-time signatures. In: Zhou, J., Yung, M., Han, Y. (eds.) ACNS 2003. LNCS, vol. 2846, pp. 123–136. Springer, Heidelberg (2003)
Bakker, A., Steen, M., Tanenbaum, A.S.: A law-abiding peer-to-peer network for free-software distribution. In: IEEE International Symposium on Network Computing and Applications (NCA 2001), pp. 60–67. IEEE, Los Alamitos (2001)
Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proc. of 1st ACM Conference on Computer and Communications Security (CCS 1993), pp. 62–73. ACM Press, New York (1993)
Boldyreva, A., Palacio, A., Warinschi, B.: Secure proxy signature schemes for delegation of signing rights, Available at http://eprint.iacr.org/2003/096
ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory IT-31(4), 469–472 (1985)
FIPS 186. Digital Signature Standard. U. S. Department of Commerce/NIST, National Technical Information Service, Springfield, VA (1994)
Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A security architecture for computational grids. In: Proc. 5th ACM Conference on Computer and Communications Security (CCS 1998), pp. 83–92. ACM Press, New York (1998)
Ghodosi, H., Pieprzyk, J.: Repudiation of cheating and non-repudiation of Zhang’s proxy signature schemes. In: Pieprzyk, J.P., Safavi-Naini, R., Seberry, J. (eds.) ACISP 1999. LNCS, vol. 1587, pp. 129–134. Springer, Heidelberg (1999)
Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)
Herranz, J., Sáez, G.: Verifiable secret sharing for general access structures, with applications to fully distributed distributed proxy signatures. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 286–302. Springer, Heidelberg (2003)
Kim, S., Park, S., Won, D.: Proxy signatures, revisited. In: Han, Y., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 223–232. Springer, Heidelberg (1997)
Lee, B., Kim, H., Kim, K.: Strong proxy signature and its applications. In: Proceedings of the 2001 Symposium on Cryptography and Information Security (SCIS 2001), Oiso, Japan, January 23-26, vol. 2/2, pp. 603–608 (2001)
Lee, B., Kim, H., Kim, K.: Secure mobile agent using strong non-designated proxy signature. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 474–486. Springer, Heidelberg (2001)
Lee, J.-Y., Cheon, J.H., Kim, S.: An analysis of proxy signatures: Is a secure channel necessary? In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 68–79. Springer, Heidelberg (2003)
Lee, N.-Y., Hwang, T., Wang, C.-H.: On Zhang’s nonrepudiable proxy signature schemes. In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, pp. 415–422. Springer, Heidelberg (1998)
Leiwo, J., Hanle, C., Homburg, P., Tanenbaum, A.S.: Disallowing unauthorized state changes of distributed shared objects. In: Information Security for Global Information Infrastructures (SEC 2000), pp. 381–390. Kluwer, Dordrecht (2000)
Mambo, M., Usuda, K., Okamoto, E.: Proxy signature: Delegation of the power to sign messages. IEICE Trans. Fundamentals E79-A(9), 1338–1353 (1996)
Mambo, M., Usuda, K., Okamoto, E.: Proxy signatures for delegating signing operation. In: Proc. of 3rd ACM Conference on Computer and Communications Security (CCS 1996), pp. 48–57. ACM Press, New York (1996)
Meyers, M., Adams, C., Solo, D., Kemp, D.: Internet X.509 certificate request format. RFC 2511 (March 1999)
Okamoto, T., Tada, M., Okamoto, E.: Extended proxy signatures for smart cards. In: Zheng, Y., Mambo, M. (eds.) ISW 1999. LNCS, vol. 1729, pp. 247–258. Springer, Heidelberg (1999)
Park, H.-U., Lee, I.-Y.: A digital nominative proxy signature scheme for mobile communications. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, pp. 451–455. Springer, Heidelberg (2001)
Petersen, H., Horster, P.: Self-certified keys - concepts and applications. In: Proc. of 3rd Conference on Communications and Multimedia Security, pp. 102–116. Chapman & Hall, Boca Raton (1997)
Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. Journal of Cryptology 13(3), 361–369 (2000)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)
Shao, Z.: Proxy signature schemes based on factoring. Information Processing Letters 85, 137–143 (2003)
Schnorr, C.: Efficient signature generation by smart cards. Journal of Cryptography 4(3), 161–174 (1991)
Sun, H.-M.: Threshold proxy signatures. IEE Proc.-Computers & Digital Techniques 146(5), 259–263 (1999)
Sun, H.-M., Hsieh, B.-T.: On the security of some proxy signature schemes, http://eprint.iacr.org/2003/068
Wang, H., Pieprzyk, J.: Efficient one-time proxy signatures. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 507–522. Springer, Heidelberg (2003)
Zhang, K.: Threshold proxy signature schemes. In: Okamoto, E. (ed.) ISW 1997. LNCS, vol. 1396, pp. 282–290. Springer, Heidelberg (1998)
Zhang, K.: Nonrepudiable proxy signature schemes. Manuscript (1997), Available at http://citeseer.nj.nec.com/360090.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, G., Bao, F., Zhou, J., Deng, R.H. (2004). Security Analysis of Some Proxy Signatures. In: Lim, JI., Lee, DH. (eds) Information Security and Cryptology - ICISC 2003. ICISC 2003. Lecture Notes in Computer Science, vol 2971. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24691-6_23
Download citation
DOI: https://doi.org/10.1007/978-3-540-24691-6_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21376-5
Online ISBN: 978-3-540-24691-6
eBook Packages: Springer Book Archive