International Association for Cryptologic Research (IACR)
Abstract
An identity-based multi-proxy signature is a type of proxy signatures in
which the delegation of signing right is distributed among a number of proxy signers.
In this type of cryptographic primitive, cooperation of all proxy signers in the proxy
group generates the proxy signatures of roughly the same size as that of standard proxy
signatures on behalf of the original signer, which is more efficient than transmitting
individual proxy signatures. Since identity-based multi-proxy signatures are useful in
distributed systems, grid computing, presenting a provably secure identity-based multi-proxy scheme is desired.
In 2013, Sahu and Padhye proposed the first provably secure identity-based multi-proxy signature scheme in the random oracle model, and proved that their scheme is existential unforgeable against adaptive chosen message and identity attack. Unfortunately, in this
paper, we show that their scheme is insecure. We present two forgery attacks on their scheme. Furthermore, their scheme is not resistant against proxy key exposure attack. As a consequence, there is no provably secure identity-based multi-proxy signature scheme
secure against proxy key exposure attack to date