19 research outputs found
Cryptanalysis of the Hwang-Shi Proxy Signature Scheme
[[abstract]]Recently, Hwang and Shi proposed an efficient proxy signature scheme without using one-way hash functions. In their scheme, an original signer needn't send a proxy certificate to a proxy signer through secure channels. However, there are two public key substitution methods that can be used to attack their scheme. In this article, we show that their scheme is vulnerable to the public key substitution attacks[[notice]]補正完畢[[journaltype]]國外[[incitationindex]]EI[[booktype]]紙本[[booktype]]電子版[[countrycodes]]NL
Cryptanalysis and Performance Evaluation of Enhanced Threshold Proxy Signature Scheme Based on RSA for Known Signers
In these days there are plenty of signature schemes such as the threshold proxy signature scheme (Kumar and Verma 2010). The network is a shared medium so that the weakness security attacks such as eavesdropping, replay attack, and modification attack. Thus, we have to establish a common key for encrypting/decrypting our communications over an insecure network. In this scheme, a threshold proxy signature scheme based on RSA, any or more proxy signers can cooperatively generate a proxy signature while or fewer of them cannot do it. The threshold proxy signature scheme uses the RSA cryptosystem to generate the private and the public key of the signers (Rivest et al., 1978). Comparison is done on the basis of time complexity, space complexity, and communication overhead. We compare the performance of four schemes (Hwang et al. (2003), Kuo and Chen (2005), Yong-Jun et al. (2007), and Li et al. (2007), with the performance of a scheme that has been proposed earlier by the authors of this paper. In the proposed scheme, both the combiner and the secret share holder can verify the correctness of the information that they are receiving from each other. Therefore, the enhanced threshold proxy signature scheme is secure and efficient against notorious conspiracy attacks
Comments on "A practical (t, n) threshold proxy signature scheme based on the RSA cryptosystem"
In a (t, n) proxy signature scheme, the original signer can delegate his/her signing capability to n proxy signers such that any t or more proxy singers can sign messages on behalf of the former, but t 1 or less of them cannot do the same thing
Security Analysis of a Proxy Signature Scheme over Braid Groups
Delegation of powers is a common practice in the
real world. To realized the delegation of powers electronically,
Mambo,Usuda and Okamoto proposed the
first proxy signature scheme in 1996. Since then a
number of new schemes and their improvements have
been proposed. In 2008, Verma proposed a proxy signature
scheme over braid groups. This paper analyzes
Vermas scheme and found that this scheme suffers
with the serious security flaws. In this scheme,the
proxy signer is able to misuse his delegated signing
capabilities and the original signer can not restrict the
proxy signer for misuse her delegation power. As a result,
the proposed scheme does not satisfy some essential
security requirements. Vermas proposed scheme
is also not secure against the original signer and proxy
singer changing attacks. Thus, the proposed scheme
is not only insecure against the attacks by original
signer and proxy signer but also has pitfalls against
the forgery attacks mounted by any antagonist
Security Analysis of Some Proxy Signature
A proxy signature scheme allows an entity to delegate his/her signing capability to another entity in such a way that the latter can sign messages on behalf of the former. Such schemes have been suggested for use in a number of applications, particularly in distributed computing where delegation of rights is quite common. Followed by the rst schemes introduced by Mambo, Usuda and Okamoto in 1996, a number of new schemes and improvements have been proposed. In this paper, we present a security analysis of four such schemes newly proposed in [15, 16]. By successfully identifying several interesting forgery attacks, we show that all the four schemes are insecure. Consequently, the fully distributed proxy scheme in [11] is also insecure since it is based on the (insecure) LKK scheme [14, 15]. In addition, we point out the reasons why the security proofs provided in [15] are invalid
An Efficient Secure Anonymous Proxy Signature Scheme
Proxy signature schemes can be used in many business applications such as
when the original signer is not present to sign important documents. Any proxy
signature scheme has to meet the identifiability, undeniability, verifiability and
unforgeability security requirements. In some conditions, it may be necessary to
protect the proxy signer’s privacy from outsiders or third parties. Recently, several
studies about proxy signature schemes have been conducted but only Yu et al.’
anonymous proxy signature scheme proposed in 2009 attempting to protect the proxy
signer’s privacy from outsiders. They claimed their scheme can make the proxy
signer anonymous. However, based on our research, we determined that this was not
the case and the proxy signer’s privacy was not anonymous. Hence, in this paper,
we propose a new anonymous proxy signature scheme that truly makes the proxy
signer anonymous while making it more secure and efficient when compared with Yu
et al.’s scheme in 2009. Our proxy signature scheme consists of two constructions.
First, we mainly use random numbers and bilinear pairings to attain the anonymous
property in our proxy. Secondly, we increase the security, integrity, and efficiency of
our proxy through modifications
Nominative Proxy Signature Schemes
In a nominative proxy signature
scheme, an original singer delegates his signing power to a proxy,
who generates a nominative signature on behalf of the original
signer. In a nominative proxy signature scheme, only the nominee
can verify the signature and if necessary, only the nominee can
prove its validity to the third party. In this paper, we first
classify the nominative proxy signature into two types,
original-nominative proxy signature and proxy-nominative proxy
signature. Then we analyze the nominative proxy scheme proposed by
Park and Lee. We show that the scheme suffers from universal
verification. We also point out that the scheme presented by S.-H.
Seo and S.-H. Lee is insecure and the scheme cannot provide
non-repudiation. Finally we present our nominative proxy signature
schemes which overcome the weakness mentioned above. Compared with
the scheme recently proposed by G.-L. Wang, our scheme is more
efficient
On the Security of a Proxy Blind Signature Scheme over Braid Groups
A proxy blind signature scheme is the combination of
proxy signature and blind signature scheme. In 2009,Verma
proposed a proxy blind signature scheme over braid groups.
Verma claimed that the proposed scheme is secure against
all possible security lapses and also satisfy all essential
security attributes.This paper analyzes Verma’s proposed
scheme and found that this scheme suffers with the serious
security vulnerabilities. This paper show that the proposed
scheme does not satisfy unforgeability and unlinkability,
which are two essential security requirement of a secure
proxy blind signature scheme
Secure Proxy Signature Schemes for Delegation of Signing Rights
A proxy signature scheme permits an entity to
delegate its signing rights to another entity. These schemes have
been suggested for use in numerous applications, particularly in
distributed computing. But to date, no proxy signature schemes
with guaranteed security have been proposed; no precise
definitions or proofs of security have been provided for such
schemes. In this paper, we formalize a notion of security for
proxy signature schemes and present provably-secure schemes. We
analyze the security of the well-known delegation-by-certificate
scheme and show that after some slight but important
modifications, the resulting scheme is secure, assuming the
underlying standard signature scheme is secure. We then show that
employment of the recently introduced aggregate signature schemes
permits bandwidth and computational savings. Finally, we analyze
the proxy signature scheme of Kim, Park and Won, which offers
important performance benefits. We propose modifications to this
scheme that preserve its efficiency, and yield a proxy signature
scheme that is provably secure in the random-oracle model, under
the discrete-logarithm assumption