Abstract
In a traditional public key signature scheme, the public key of a signer is essentially a random string selected from a given set, so it is infeasible to prove that a given party is indeed the signer of a given signature. In general, a user's public key must be authenticated by a management authority, which means that a traditional public key cryptosystem (PKC) incurs a high maintenance cost for certificate management. Although an identity-based cryptosystem (IBC) reduces this management overhead, it suffers from the drawback of key escrow. A certificate-based cryptosystem combines the advantages of both PKC and IBC: it avoids the usage of certificates and does not suffer from key escrow. Recently, Liu et al. proposed an efficient certificate-based signature scheme and showed that it was secure in the random oracle model. Unfortunately, this paper shows that the scheme is insecure and discusses the flaws in its security proof; the corresponding attacks are then given. To overcome these flaws, an improved scheme is proposed, and the result shows that it is provably secure against the two game attacks of certificate-based signature in the random oracle model. Its security is closely related to the computational Diffie-Hellman problem.
References
Au, M.H., Liu, J.K., Susilo, W., Yuen, T.H.: Certificate based (Linkable) ring signature. In: Dawson, E., Wong, D.S. (eds.) ISPEC 2007. LNCS, vol. 4464, pp. 79–92. Springer, Heidelberg (2007)
Gentry, C.: Certificate-based Encryption and the Certificate Revocation Problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)
Geiselmann, W., Steinwandt, R.: A Key Substitution Attack on SFLASH, Cryptology ePrint Archive: Report 2004/245 (2004), http://eprint.iacr.org/2004/245
Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. Journal of Cryptology 17(4), 297–319 (2004)
Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)
Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281–308 (1988)
Li, J., Huang, X., Mu, Y., Susilo, W., Wu, Q.: Certificate-based signature: Security model and efficient construction. In: López, J., Samarati, P., Ferrer, J.L. (eds.) EuroPKI 2007. LNCS, vol. 4582, pp. 110–125. Springer, Heidelberg (2007)
Kang, B.G., Park, J.H., Hahn, S.G.: A certificate-based signature scheme. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 99–111. Springer, Heidelberg (2004)
Liu, J.K., Baek, J., Susilo, W., Zhou, J.: Certificate-based Signature Scheme without Pairings or Random Oracles. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 285–297. Springer, Heidelberg (2008)
Nyberg, K., Rueppel, R.A.: Message recovery for signature schemes based on the discrete logarithm problem. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 182–193. Springer, Heidelberg (1995)
Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Wang, L.H., Shao, J., Cao, Z.-F., Mambo, M., Yamamura, A.: A certificate-based proxy cryptosystem with revocable proxy decryption power. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 297–311. Springer, Heidelberg (2007)
Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)
Zheng, Y.: Identification, Signature and Signcryption using High Order Residues Modulo an RSA Composite. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 48–63. Springer, Heidelberg (2001)
Zheng, Y.: Signcryption and its applications in efficient public key solutions. In: Okamoto, E. (ed.) ISW 1997. LNCS, vol. 1396, pp. 291–312. Springer, Heidelberg (1998)
© 2009 Springer-Verlag Berlin Heidelberg
Zhang, J. (2009). On the Security of a Certificate-Based Signature Scheme and Its Improvement with Pairings. In: Bao, F., Li, H., Wang, G. (eds) Information Security Practice and Experience. ISPEC 2009. Lecture Notes in Computer Science, vol 5451. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00843-6_5
DOI: https://doi.org/10.1007/978-3-642-00843-6_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00842-9
Online ISBN: 978-3-642-00843-6