Tight reduction for generic construction of certificateless signature and its instantiation from DDH assumption

Certificateless signature was proposed by Al-Riyami and Paterson to eliminate the certificate management in the public-key infrastructures and solve the key escrow problem in the identity-based signature. In 2007, Hu et al. proposed a generic construction of certificateless signature. They construct certificateless signature scheme from any standard identity-based signature and signature scheme.However, their security reduction is loose; the security of the constructed scheme depends on the number of users. In this paper, we give the tight reduction for their construction and instantiate a tightly-secure certificateless signature scheme without pairing from DDH assumption. Best of our knowledge, this scheme is the first tightly-secure certificateless signature scheme

Certificateless Signature Scheme Based on Rabin Algorithm and Discrete Logarithm

Certificateless signature can effectively immue the key escrow problem in the identity-based signature scheme. But the security of the most certificateless signatures usually depends on only one mathematical hard problem, which makes the signature vulnerable when the underlying hard problem has been broken. In order to strengthen the security, in this paper, a certificateless signature whose security depends on two mathematical hard problems, discrete logarithm and factoring problems, is proposed. Then, the proposed certificateless signature can be proved secure in the random oracle, and only both of the two mathematical hard problems are solved, can the proposed signature be broken. As a consequence, the proposed certificateless signature is more secure than the previous signatures. On the other hand, with the pre-computation of the exponential modular computation, it will save more time in the signature signing phase. And compared with the other schemes of this kind, the proposed scheme is more efficient

Deep Attacks of a Certificateless Signature Scheme

Certificateless public key cryptography is an attractive paradigm since it eliminates the use of certificates in traditional public key cryptography and alleviates the inherent key escrow problem in identity-based cryptography. Recently, Xiong et al. proposed a certificateless signature scheme and proved that their scheme is existentially unforgeable against adaptive chosen message attack under the random oracle model. He et al. pointed out that Xiong et al.’s scheme is insecure against the Type II adversary. But, their forged signatures are not random, and their improved scheme has the same security defects as Xiong et al.’s scheme. In this paper, we present two malicious-but-passive KGC attack methods on Xiong et al.’s scheme and our results show that their scheme is insecure against malicious-but-passive KGC attack

Practical Certificateless Aggregate Signatures From Bilinear Maps

Aggregate signature is a digital signature with a striking property that anyone can aggregate n individual signatures on n different messages which are signed by n distinct signers, into a single compact signature to reduce computational and storage costs. In this work, two practical certificateless aggregate signature schemes are proposed from bilinear maps. The first scheme CAS-1 reduces the costs of communication and signer-side computation but trades off the storage, while CAS-2 minimizes the storage but sacrifices the communication costs. One can choose either of the schemes by consideration of the application requirement. Compare with ID-based schemes, our schemes do not entail public key certificates as well and achieve the trust level 3, which imply the frauds of the authority are detectable. Both of the schemes are proven secure in the random oracle model by assuming the intractability of the computational Diffie-Hellman problem over the groups with bilinear maps, where the forking lemma technique is avoided

Cryptanalysis on two certificates signature schemes

Certificateless cryptography has attracted a lot of attention from the research community, due to its applicability in information security. In this paper, we analyze two recently proposed certificateless signature schemes and point out their security flaws. In particular, we demonstrate universal forgeries against these schemes with known message attack

Cryptanalysis on Two Certificateless Signature Schemes

Certificateless cryptography has attracted a lot of attention from the research community, due to its applicability in information security. In this paper, we analyze two recently proposed certificateless signature schemes and point out their security flaws. In particular, we demonstrate universal forgeries against these schemes with known message attacks

Insecurity of a Certificate-free Ad Hoc Anonymous Authentication

Abstract The ring signature scheme is a simplified group signature scheme for no manager while preserving unconditionally anonymous of the signer. Certificateless cryptography is introduced for eliminating the use of certificates in Public Key Infrastructure and solving the key-escrow problem in ID-based cryptogratography. Recently, Qin et al. proposed the first RSA-based certificateless ring signature scheme which was proved unforgeable in random oracle model. In this paper, we demonstrated that this scheme was not secure against the Type I adversary