Skip to main content
placeholder image

Certificateless aggregate signature scheme secure against fully chosen-key attacks

Journal Article


Abstract


  • © 2019 Certificateless aggregate signature (CLAS) schemes enjoy the benefits of both certificateless cryptography and aggregate signature features. Specifically, it not only simplifies the certificate management without introducing the key escrow problem but also transforms many signatures into one aggregate signature to save communication and computation cost. CLAS is a powerful cryptographic tool, yet its security should be thoroughly analyzed before being implemented. In this paper, we give a new insight into the security of CLAS schemes. We introduce a potential and realistic attack called fully chosen-key attacks that has not been considered in the traditional security models and define the security model against fully chosen-key attacks. In contrast to the traditional models, the adversary is allowed to hold all the signers’ private keys and its goal is not to forge an aggregate signature but to output invalid single signatures that can be aggregated into a valid aggregate signature. We find there is no CLAS scheme secure in traditional security models that is secure against fully chosen-key attacks and then demonstrate how to reinforce the security of an existing scheme to withstand such an attack.

Authors


  •   Wu, Ge (external author)
  •   Zhang, Futai (external author)
  •   Shen, Limin (external author)
  •   Guo, Fuchun
  •   Susilo, Willy

Publication Date


  • 2020

Citation


  • Wu, G., Zhang, F., Shen, L., Guo, F. & Susilo, W. (2020). Certificateless aggregate signature scheme secure against fully chosen-key attacks. Information Sciences, 514 288-301.

Scopus Eid


  • 2-s2.0-85075980658

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers1/3525

Number Of Pages


  • 13

Start Page


  • 288

End Page


  • 301

Volume


  • 514

Place Of Publication


  • United States

Abstract


  • © 2019 Certificateless aggregate signature (CLAS) schemes enjoy the benefits of both certificateless cryptography and aggregate signature features. Specifically, it not only simplifies the certificate management without introducing the key escrow problem but also transforms many signatures into one aggregate signature to save communication and computation cost. CLAS is a powerful cryptographic tool, yet its security should be thoroughly analyzed before being implemented. In this paper, we give a new insight into the security of CLAS schemes. We introduce a potential and realistic attack called fully chosen-key attacks that has not been considered in the traditional security models and define the security model against fully chosen-key attacks. In contrast to the traditional models, the adversary is allowed to hold all the signers’ private keys and its goal is not to forge an aggregate signature but to output invalid single signatures that can be aggregated into a valid aggregate signature. We find there is no CLAS scheme secure in traditional security models that is secure against fully chosen-key attacks and then demonstrate how to reinforce the security of an existing scheme to withstand such an attack.

Authors


  •   Wu, Ge (external author)
  •   Zhang, Futai (external author)
  •   Shen, Limin (external author)
  •   Guo, Fuchun
  •   Susilo, Willy

Publication Date


  • 2020

Citation


  • Wu, G., Zhang, F., Shen, L., Guo, F. & Susilo, W. (2020). Certificateless aggregate signature scheme secure against fully chosen-key attacks. Information Sciences, 514 288-301.

Scopus Eid


  • 2-s2.0-85075980658

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers1/3525

Number Of Pages


  • 13

Start Page


  • 288

End Page


  • 301

Volume


  • 514

Place Of Publication


  • United States