Cryptanalysis of a Secure and Efficient Identity-Based Signature Scheme
    Abstract:

    The distinguishing characteristic of identity-based signatures is that only the signer's identity, with no certificate, is involved in verifying a signature, which dramatically simplifies key management. A novel identity-based signature scheme that can be proven secure in the standard model was given by Paterson and Schuldt in 2006. Unfortunately, the scheme is computationally inefficient. An improvement due to Gu et al. was proposed recently to improve the computational efficiency, and it was claimed to be provably secure in the standard model and more efficient than the known schemes of the same flavor. However, this paper shows that the new scheme by Gu et al. is insecure by demonstrating two concrete attacks in which an adversary can not only forge the private key of an identity but also forge signatures on arbitrary messages. The study also identifies a flaw in their security proof: the view of the adversary in the security reduction is not independent of the event that the simulation succeeds.

Citation

禹勇, 倪剑兵, 许春香, 牛磊. Cryptanalysis of a Secure and Efficient Identity-Based Signature Scheme. Journal of Software (软件学报), 2014, 25(5): 1125-1131
Article Metrics
  • Abstract: 3721
  • PDF: 5761
  • HTML: 1516
  • Cited by: 0
History
  • Received: October 28, 2012
  • Revised: November 26, 2013
  • Online: May 04, 2014
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4