On the security of certificateless signature schemes from Asiacrypt 2003. (English) Zbl 1154.94459
Desmedt, Yvo G. (ed.) et al., Cryptology and network security. 4th international conference, CANS 2005, Xiamen, China, December 14–16, 2005. Proceedings. Berlin: Springer (ISBN 3-540-30849-0/pbk). Lecture Notes in Computer Science 3810, 13-25 (2005).
Summary: In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. In the new paradigm, the necessity of certificates has been successfully removed. The security model for certificateless cryptography was also introduced in the same paper. However, as we shall show in this paper, the proposed certificateless signature is insecure in their defined model. We provide an attack that can successfully forge a certificateless signature in their model. We also fix this problem by proposing a new scheme.
For the entire collection see [Zbl 1098.94002].
For the entire collection see [Zbl 1098.94002].
MSC:
| 94A62 | Authentication, digital signatures and secret sharing |
