Cryptanalysis and Performance Evaluation of Enhanced Threshold Proxy Signature Scheme Based on RSA for Known Signers

In these days there are plenty of signature schemes such as the threshold proxy signature scheme (Kumar and Verma 2010). The network is a shared medium so that the weakness security attacks such as eavesdropping, replay attack, and modification attack. Thus, we have to establish a common key for encrypting/decrypting our communications over an insecure network. In this scheme, a threshold proxy signature scheme based on RSA, any or more proxy signers can cooperatively generate a proxy signature while or fewer of them cannot do it. The threshold proxy signature scheme uses the RSA cryptosystem to generate the private and the public key of the signers (Rivest et al., 1978). Comparison is done on the basis of time complexity, space complexity, and communication overhead. We compare the performance of four schemes (Hwang et al. (2003), Kuo and Chen (2005), Yong-Jun et al. (2007), and Li et al. (2007), with the performance of a scheme that has been proposed earlier by the authors of this paper. In the proposed scheme, both the combiner and the secret share holder can verify the correctness of the information that they are receiving from each other. Therefore, the enhanced threshold proxy signature scheme is secure and efficient against notorious conspiracy attacks

Cryptanalysis of a threshold proxy signature with known signers

A scheme of threshold proxy signature with known signers was proposed by Hwang et al. In their scheme, the receiver can identify the proxy signers that actually generated a proxy signature. Tzeng et al. demonstrated that this signature scheme is insecure and proposed an improvement to mend the information leakage. This paper shows that the improved scheme is still insecure under the original signer¡¦s forgery attack

An Efficient Secure Anonymous Proxy Signature Scheme

Proxy signature schemes can be used in many business applications such as when the original signer is not present to sign important documents. Any proxy signature scheme has to meet the identifiability, undeniability, verifiability and unforgeability security requirements. In some conditions, it may be necessary to protect the proxy signer’s privacy from outsiders or third parties. Recently, several studies about proxy signature schemes have been conducted but only Yu et al.’ anonymous proxy signature scheme proposed in 2009 attempting to protect the proxy signer’s privacy from outsiders. They claimed their scheme can make the proxy signer anonymous. However, based on our research, we determined that this was not the case and the proxy signer’s privacy was not anonymous. Hence, in this paper, we propose a new anonymous proxy signature scheme that truly makes the proxy signer anonymous while making it more secure and efficient when compared with Yu et al.’s scheme in 2009. Our proxy signature scheme consists of two constructions. First, we mainly use random numbers and bilinear pairings to attain the anonymous property in our proxy. Secondly, we increase the security, integrity, and efficiency of our proxy through modifications

The Insecurity of Two Proxy Signcryption Schemes: Proxy Credential Forgery Attack and How to Prevent It

Securing different online e-business activities usually requires applying different cryptographic algorithms. The proxy signcryption algorithms are designed for applications such as online proxy auction or online proxy signatures on business contracts, which require a proxy agent to sign on confidential messages. This paper proposes a proxy credential forgery attack to two recent proxy signcryption schemes in the literature. Using the attack, a malicious proxy signer can create a fake proxy credential from his original credential to extend his signing power. Simple modifications to these two schemes are also provided in this paper to prevent the attack without adding too much computational complexity. In addition to the contribution of introducing a new type of attacks to signcryption schemes, the paper also points out that, while designing a secure proxy signcryption scheme, not only the unforgeability of proxy signatures is important, but also that of proxy credentials as well