Abstract
Allowing a proxy signer to generate a signature on behalf of an original signer, a proxy signature should satisfy the property of strong unforgeability: anyone except the designated proxy signer cannot create a valid proxy signature on behalf of the original signer. Since proxy signatures, as well as their derivatives, can be used in many applications in reality, such as secure mobile agent, e-commerce systems and etc., they have been receiving extensive research recently. In this paper, we show that the proxy signature scheme [14] from ISPA’04 will suffer from the original signer’s forgery attack if the original signer once gets a valid proxy signature on a message, and a similar attack arises in the proxy signature scheme [1] from AWCC’04 if the verifier does not check the originality of the proxy signer’s proxy public key before verifying a proxy signature. Therefore, in some degree, neither of these two schemes meets the property of strong unforgeability.
The work as well as the author was supported by a Royal Holloway Scholarship.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Cao, T., Lin, D., Xue, R.: Improved privacy-protecting proxy signature scheme. In: Chi, C.-H., Lam, K.-Y. (eds.) AWCC 2004. LNCS, vol. 3309, pp. 208–213. Springer, Heidelberg (2004)
Dai, J., Yang, X., Dong, J.: A privacy-protecting proxy signature scheme and its application. In: Proc. of The 42nd annual Southeast regional conference, ACM Southeast Regional Conference, pp. 203–206 (2004)
Guo, L., Wang, G., Bao, F.: On the security of a threshold proxy signature scheme using self-certified public keys. In: Feng, D., Lin, D., Yung, M. (eds.) CISC 2005. LNCS, vol. 3822, Springer, Heidelberg (2005), http://www.i2r.a-star.edu.sg/icsd/staff/guilin/publications.htm
Lee, B., Kim, H., Kim, K.: Strong proxy signature and its applications. In: Proc. of SCIS 2001 — 2001 Symposium on Cryptography and Information Security, Japan, pp. 603–608 (2001)
Lee, B., Kim, H., Kim, K.: Secure mobile agent using strong non-designated proxy signature. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 474–486. Springer, Heidelberg (2001)
Li, L., Tzeng, S., Hwang, M.: Generalization of proxy signature-based on discrete logarithms. Computers & Security 22(3), 245–255 (2003)
Mambo, M., Usuda, K., Okamoto, E.: Proxy signature: delegation of the power to sign messages. IEICE Trans. Fundamentals E79-A(9), 1338–1353 (1996)
Mambo, M., Usuda, K., Okamoto, E.: Proxy signatures for delegating signing operation. In: Proc. of 3rd ACM Conference on Computer and Communications Security, pp. 48–57. ACM press, New York (1996)
Park, H.U., Lee, I.Y.: A digital nominative proxy signature scheme for mobile communications. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, pp. 451–455. Springer, Heidelberg (2001)
Sun. H., Hsieh. B., On the security of some proxy signature schemes, Cryptology ePrint Archive: Report 2003/068, Available at http://eprint.iacr.org/2003/068
Tan, Z., Liu, Z., Wang, M.: On the security of some nonrepudiable threshold proxy signature schemes. In: Deng, R.H., Bao, F., Pang, H., Zhou, J. (eds.) ISPEC 2005. LNCS, vol. 3439, pp. 374–385. Springer, Heidelberg (2005)
Wang, G., Bao, F., Zhou, J., Deng, R.H.: Security analysis of some proxy signatures. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 305–319. Springer, Heidelberg (2004)
Wang. G., Bao. F., Zhou. J., and Deng. R.H., Comments on a Threshold Proxy Signature Scheme Based on the RSA Cryptosystem, Cryptology ePrint Archive: Report 2004/054, Available at http://eprint.iacr.org/2004/054
Xue, Q., Cao, Z.: A threshold proxy signature scheme using self-certified public keys. In: Cao, J., Yang, L.T., Guo, M., Lau, F. (eds.) ISPA 2004. LNCS, vol. 3358, pp. 715–724. Springer, Heidelberg (2004)
Zhang, K.: Threshold proxy signature schemes. In: Okamoto, E. (ed.) ISW 1997. LNCS, vol. 1396, pp. 191–197. Springer, Heidelberg (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lu, J. (2006). Security Weaknesses in Two Proxy Signature Schemes. In: Gavrilova, M., et al. Computational Science and Its Applications - ICCSA 2006. ICCSA 2006. Lecture Notes in Computer Science, vol 3982. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11751595_50
Download citation
DOI: https://doi.org/10.1007/11751595_50
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34075-1
Online ISBN: 978-3-540-34076-8
eBook Packages: Computer ScienceComputer Science (R0)