Observing the security of existing identity-based proxy signature schemes was proven in the random oracle model, Cao et al. proposed the first direct construction of identity-based proxy signature secure in the standard model by making use of the identity-based signature due to Paterson and Schuldt. They also provided a security proof to show their construction is secure against forgery attacks without resorting to the random oracles. Unfortunately, in this letter, we demonstrate that their scheme is vulnerable to insider attacks. Specifically, after a private-key extraction query, an adversary, behaving as a malicious original signer or a malicious proxy signer, is able to violate the unforgeability of the scheme.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Ying SUN, Yong YU, Xiaosong ZHANG, Jiwen CHAI, "On the Security of an Identity-Based Proxy Signature Scheme in the Standard Model" in IEICE TRANSACTIONS on Fundamentals,
vol. E96-A, no. 3, pp. 721-723, March 2013, doi: 10.1587/transfun.E96.A.721.
Abstract: Observing the security of existing identity-based proxy signature schemes was proven in the random oracle model, Cao et al. proposed the first direct construction of identity-based proxy signature secure in the standard model by making use of the identity-based signature due to Paterson and Schuldt. They also provided a security proof to show their construction is secure against forgery attacks without resorting to the random oracles. Unfortunately, in this letter, we demonstrate that their scheme is vulnerable to insider attacks. Specifically, after a private-key extraction query, an adversary, behaving as a malicious original signer or a malicious proxy signer, is able to violate the unforgeability of the scheme.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E96.A.721/_p
Copy
@ARTICLE{e96-a_3_721,
author={Ying SUN, Yong YU, Xiaosong ZHANG, Jiwen CHAI, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={On the Security of an Identity-Based Proxy Signature Scheme in the Standard Model},
year={2013},
volume={E96-A},
number={3},
pages={721-723},
abstract={Observing the security of existing identity-based proxy signature schemes was proven in the random oracle model, Cao et al. proposed the first direct construction of identity-based proxy signature secure in the standard model by making use of the identity-based signature due to Paterson and Schuldt. They also provided a security proof to show their construction is secure against forgery attacks without resorting to the random oracles. Unfortunately, in this letter, we demonstrate that their scheme is vulnerable to insider attacks. Specifically, after a private-key extraction query, an adversary, behaving as a malicious original signer or a malicious proxy signer, is able to violate the unforgeability of the scheme.},
keywords={},
doi={10.1587/transfun.E96.A.721},
ISSN={1745-1337},
month={March},}
Copy
TY - JOUR
TI - On the Security of an Identity-Based Proxy Signature Scheme in the Standard Model
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 721
EP - 723
AU - Ying SUN
AU - Yong YU
AU - Xiaosong ZHANG
AU - Jiwen CHAI
PY - 2013
DO - 10.1587/transfun.E96.A.721
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E96-A
IS - 3
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - March 2013
AB - Observing the security of existing identity-based proxy signature schemes was proven in the random oracle model, Cao et al. proposed the first direct construction of identity-based proxy signature secure in the standard model by making use of the identity-based signature due to Paterson and Schuldt. They also provided a security proof to show their construction is secure against forgery attacks without resorting to the random oracles. Unfortunately, in this letter, we demonstrate that their scheme is vulnerable to insider attacks. Specifically, after a private-key extraction query, an adversary, behaving as a malicious original signer or a malicious proxy signer, is able to violate the unforgeability of the scheme.
ER -