几个无证书签名方案的伪造攻击

doi:10.11959/j.issn.2096-109x.2020039

Abstract

Abstract:

Since Al-Riyami and Paterson proposed the novel concept of certificateless cryptography and the first certificateless signature scheme in 2003,a lot of certificateless signature schemes were proposed one after another.Recently,Tang et al proposed nine certificateless signature schemes without bilinear pairing.Although they demonstrated that their schemes were unforgeable under the assumption of elliptic curve discrete logarithmic problem,it can be found that five of their schemes could not resist the public key substitution attack,the attacker could use the user's original public key to forge a valid signature for three of these schemes.The attack methods are to demonstrate that prove five certificateless signature schemes are insecure.

Key words: certificateless signature, elliptic curve, discrete logarithm problem, public key replacement attack

CLC Number:

TP309.7

Jing WANG,Zumeng LI. Forgery attacks on several certificateless signature schemes[J]. Chinese Journal of Network and Information Security, 2020, 6(3): 108-112.

Figures/Tables 1

签名方案	签名阶段计算v 的值	验证阶段计算T'的值
1	$v = x_{a} + D_{a} + {th}_{2}$	$T' = h_{2}^{- 1} (v P - X_{a} - R_{a} - h_{1} P_{0})$
2	$v = x_{a} + D_{a} + {th}_{2}^{- 1}$	$T' = h_{2} (v P - X_{a} - R_{a} - h_{1} P_{0})$
3	$v = t^{- 1} (h_{2} x_{a} + D_{a})$	$T' = v^{- 1} (h_{2} X_{a} + R_{a} + h_{1} P_{0})$
4	$v = t^{- 1} (x_{a} + h_{2} D_{a})$	$T' = v^{- 1} (X_{a} + h_{2} R_{a} + h_{1} h_{2} P_{0})$
5	$v = t^{- 1} h_{2} (x_{a} + D_{a})$	$T' = v^{- 1} h_{2} (X_{a} + R_{a} + h_{1} P_{0})$
6	$v = t {(h_{2} x_{a} + D_{a})}^{- 1}$	$T' = v (h_{2} X_{a} + R_{a} + h_{1} P_{0})$
7	$v = t {(x_{a} + D_{a} h_{2})}^{- 1}$	$T' = v (h_{2} X_{a} + R_{a} + h_{1} P_{0})$
8	$v = t {(h_{2} x_{a} + h_{2} D_{a})}^{- 1}$	$T' = v h_{2} (X_{a} + R_{a} + h_{1} P_{0})$
9	$v = t h_{2} (x_{a} + D_{a})^{- 1}$	$T' = h_{2}^{- 1} v (X_{a} + R_{a} + h_{1} P_{0})$

References 15

[1]	AL-RIYAMI S S , PATERSON K G . Certificateless public key cryptography[C]// Advances in Cryptology-ASIACRYPT 2003. 2013: 452-473.
[2]	SHAMIR A , . Identity-based cryptosystems and signature schemes[C]// Advances in Cryptology-CRYPTO’84. 1985: 47-58.
[3]	DIFFIE W , HELLMAN M E . New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976,22(6): 664-654.
[4]	ISLAM S H , BISWAS G P . Provably secure and pairing-free certificateless digital signature scheme using elliptic curve cryptography[J]. International Journal of Computer Mathematics, 2013,90(11): 2244-2258.
[5]	FENG S R , MO J , FENG S R ,et al. An efficient and provably secure certificateless short signature scheme[C]// International Conference on Computer Science ＆ Electronics Engineering. 2013.
[6]	GONG P , LI P . Further improvement of a certificateless signature scheme without pairing[J]. International Journal of Communication Systems, 2014,27(10): 2083-2091.
[7]	ISLAM S H , OBAIDAT M S . Design of provably secure and efficient certificateless blind signature scheme using bilinear pairing[J]. Security and Communication Networks, 2015,8(18): 4319-4332.
[8]	ALLAM A M , ALI I A , MAHGOUB S M . A provably secure certificateless organizational signature schemes[J]. International Journal of Communication Systems, 2017,30(5): 1760-1768.
[9]	KYUNG-AH S . A new certificateless signature scheme provably secure in the standard model[J]. IEEE Systems Journal, 2018: 1-10.
[10]	HUANG X , MU Y , SUSILO W ,et al. Certificateless signature revisited[J]. Lecture Notes in Computer Science, 2007,4586: 308-322.
[11]	王圣宝, 刘文浩, 谢琪 . 无双线性配对的无证书签名方案[J]. 通信学报, 2012,33(4): 93-98.
	WANG S B , LIU W H , XIE Q . Certificateless signature scheme without bilinear pairings[J]. Journal on Communications, 2012,33(4): 93-98.
[12]	王亚飞, 张睿哲 . 强安全无对的无证书签名方案[J]. 通信学报, 2013,34(2): 94-99,108.
	WANG Y F , ZHANG R Z . Strongly secure certificateless signature scheme without pairings[J]. Journal on Communications, 2013,34(2): 94-99,108.
[13]	樊爱宛, 杨照锋, 谢丽明 . 强安全无证书签名方案的安全性分析与改进[J]. 通信学报, 2014,35(5): 118-123.
	FAN A W , YANG Z F , XIE L M . Security analysis and improvement of strongly secure certificate less signature scheme[J]. Journal on Communications, 2014,35(5): 118-123.
[14]	汤永利, 王菲菲, 叶青 ,等. 改进的可证明安全无证书签名方案[J]. 北京邮电大学学报, 2016,39(1): 112-116.
	TANG Y L , WANG F F , YE Q ,et al. Improved provably secure certificateless signature scheme[J]. Journal of Beijing University of Posts and Telecommunications, 2016,39(1): 112-116.
[15]	RAFAEL C , RICARDO D . Two notes on the security of certificateless signatures[C]// International Conference on Provable Security.Springer-verlag,2007. 2007: 85-102.

Metrics

Recommended 0

No Suggested Reading articles found!

Forgery attacks on several certificateless signature schemes

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 1

References 15

Related Articles 8

Metrics

Recommended 0

[1]	Fei TANG, Ning GAN, Xianggui YANG, Jinyang WANG. Anti malicious KGC certificateless signature scheme based on blockchain and domestic cryptographic SM9 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 9-19.
[2]	Ganqin LIU, Hui LI, Hui ZHU, Yukun HUANG, Xingdong LIU. Public key cryptographic algorithm SM2 optimized implementation on low power embedded platform [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 29-38.
[3]	Yurong LUO, Jin CAO, Hui LI, Xingwen ZHAO, Chao SHANG. Electronic invoice public verification scheme based on SM2 coalition signature algorithm [J]. Chinese Journal of Network and Information Security, 2022, 8(2): 122-131.
[4]	Huibin LAI,Li XU,Yali ZENG,Rui ZHU. Elliptic curve ElGamal encryption based location privacy-preserving scheme [J]. Chinese Journal of Network and Information Security, 2020, 6(3): 30-38.
[5]	Guiwen LUO. Scheme of extending elliptic curve method to three phases [J]. Chinese Journal of Network and Information Security, 2018, 4(12): 62-66.
[6]	Qing-xiao GUO,Da-wei ZHANG,Liang CHANG,Xiao-dong LIU,Jing-wen SONG. Design and implementation of proxy-protected proxy signature based on SM2 [J]. Chinese Journal of Network and Information Security, 2017, 3(9): 47-54.
[7]	Long GAO,Chun-ming TANG,Yong-qiang ZHANG. Multi-parties key agreement protocol based on elliptic curve [J]. Chinese Journal of Network and Information Security, 2016, 2(5): 77-80.
[8]	Hui-hui JIA,Chao WANG,Jian GU,Hao-hao SONG,Di TANG. Research and simulation of timing attacks on ECC [J]. Chinese Journal of Network and Information Security, 2016, 2(4): 56-63.