Abstract
Certificateless cryptography involves a Key Generation Center (KGC) that issues a partial key to a user, while the user independently generates an additional public/secret key pair. The two are combined so that the KGC, which knows only the partial key and not the additional secret key, cannot perform any cryptographic operation on behalf of the user, and a third party who replaces the user's public/secret key pair but does not know the partial key cannot perform any cryptographic operation as the user either. We call this attack by the third party the key replacement attack. In ACISP 2004, Yum and Lee proposed a generic construction of digital signature schemes under the framework of certificateless cryptography. In this paper, we show that their generic construction is insecure against the key replacement attack. In particular, we give concrete examples showing that the security requirements of some of the building blocks they specified are insufficient to support some of their security claims. We then propose a modification of their scheme and prove its security in a new and simplified security model. We show that our simplified definition and adversarial model not only capture all the distinct features of certificateless signature but are also more versatile than all comparable ones. We believe that the model itself is of independent interest. A conventional certificateless signature scheme achieves only Girault's Level 2 security. To achieve Level 3 security, as a conventional signature scheme in a Public Key Infrastructure does, we propose an extension to our definition of certificateless signature scheme and introduce an additional security model for this extension. We show that our generic construction satisfies Level 3 security after an appropriate and simple modification.
References
Al-Riyami S.S., Paterson K.G. (2003) Certificateless public key cryptography. In: Proceedings of ASIACRYPT 2003, LNCS 2894. Springer-Verlag, Berlin, pp452–473
Bellare M., Namprempre C., Neven G. (2004) Security proofs for identity-based identification and signature schemes. In: Proceedings of EUROCRYPT 2004, LNCS 3027. Springer-Verlag, Berlin, pp268–286 (full paper available at Bellare's homepage: http://www-cse.ucsd.edu/users/mihir)
Bellare M., Rogaway P. (1993) Random oracles are practical: A paradigm for designing efficient protocols. In: First ACM Conference on Computer and Communications Security. ACM, Fairfax, pp62–73
Blake-Wilson S., Menezes A. (1999) Unknown key-share attacks on the station-to-station (STS) protocol. In: Public key cryptography, second international workshop on practice and theory in public key cryptography, PKC '99, LNCS 1560. Springer-Verlag, Berlin, pp154–170
Boneh D., Franklin M. (2001) Identity-based encryption from the Weil pairing. In: Proceedings of CRYPTO 2001, LNCS 2139. Springer-Verlag, Berlin, pp213–229
ElGamal T. (1985) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inform Theory 31(4):469–472
Girault M. (1991) Self-certified public keys. In: Proceedings of EUROCRYPT 91, LNCS 547. Springer-Verlag, Berlin, pp490–497
Goldwasser S., Micali S., Rivest R. (1998) A digital signature scheme secure against adaptive chosen-message attack. SIAM J Comput 17(2):281–308
Hu B.C., Wong D.S., Zhang Z., Deng X. (2006) Key replacement attack against a generic construction of certificateless signature. In: Information security and privacy: 11th Australasian conference, ACISP 2006, LNCS 4058. Springer-Verlag, Berlin, pp235–246
Huang X., Susilo W., Mu Y., Zhang F. (2005) On the security of certificateless signature schemes from Asiacrypt 2003. In: Cryptology and network security, 4th international conference, CANS 2005, LNCS 3810. Springer-Verlag, Berlin, pp13–25
Pointcheval D., Stern J. (1996) Security proofs for signature schemes. In: Proceedings of EUROCRYPT 96, LNCS 1070. Springer-Verlag, Berlin, pp387–398
Shamir A. (1984) Identity-based cryptosystems and signature schemes. In: Proceedings of CRYPTO 84, LNCS 196. Springer, Berlin, pp47–53
Yum D.H., Lee P.J. (2004) Generic construction of certificateless signature. In: Information security and privacy: 9th Australasian conference, ACISP 2004, LNCS 3108. Springer-Verlag, Berlin, pp200–211
Zhang F., Safavi-Naini R., Susilo W. (2004) An efficient signature scheme from bilinear pairings and its applications. In: Seventh international workshop on theory and practice in public key cryptography (PKC 2004), LNCS 2947. Springer, Berlin, pp277–290
Zhang Z., Wong D., Xu J., Feng D. (2006) Certificateless public-key signature: Security model and efficient construction. In: Fourth international conference on applied cryptography and network security (ACNS 2006), LNCS 3989. Springer, Berlin, pp293–308
Additional information
Communicated by H. Wang.
A preliminary version of the extended abstract of partial results appeared in ACISP 2006 [9].
Cite this article
Hu, B.C., Wong, D.S., Zhang, Z. et al. Certificateless signature: a new security model and an improved generic construction. Des Codes Crypt 42, 109–126 (2007). https://doi.org/10.1007/s10623-006-9022-9