IEEE Access (Jan 2024)
Cryptanalysis of Compact Certificateless Aggregate Signature Schemes for HWMSNs and VANETs
Abstract
Certificateless cryptosystems resolve the central problems of traditional public-key cryptosystems (certificate management) and identity-based cryptosystems (key escrow). A certificateless aggregate signature scheme combines the signatures of multiple signers on multiple messages into a single signature, which significantly reduces both the computational cost of verification and the total communication overhead. An aggregate signature scheme is compact when the size of the aggregate signature is independent of the number of signers. Aggregation is an important technique for saving communication bandwidth in IoT applications and for reducing the verification of n individual signatures to the verification of a single certificateless aggregate signature. Because compact certificateless aggregate signature (CLAS) schemes suit IoT environments, many similar compact CLAS schemes have been proposed and, despite their security proofs under standard hardness assumptions, almost all of them have subsequently been cryptanalyzed and then modified to prevent the attacks. In this paper, we show that two compact CLAS schemes, Zhan et al.'s scheme and Chen-Chen's scheme, are insecure against universal forgery attacks and type I attacks. By analyzing the design methodology of the two schemes and the vulnerabilities that enable the attacks, we propose countermeasures to prevent them.
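Added note (not part of the paper's abstract): the notation below fixes the terms the abstract uses informally, following the standard Al-Riyami and Paterson certificateless model; the symbols $s$, $P$, $D_i$, $x_i$, $PK_i$ and $\sigma$ are this note's own and are not taken from the paper.

In a certificateless scheme the key generation centre (KGC) holds a master secret $s$ and publishes $P_{pub} = sP$ over a group $\langle P \rangle$ of prime order $q$. A user with identity $ID_i$ receives from the KGC a partial private key $D_i$ derived from $s$ and $ID_i$ (in pairing-based constructions commonly $D_i = s\,H_1(ID_i)$), chooses a secret value $x_i$ and publishes $PK_i = x_i P$ itself, with no certificate. The full signing key is the pair $(D_i, x_i)$, which neither the KGC nor the user holds alone; this is what removes both the certificate management of PKI and the key escrow of identity-based signatures.

Signatures $\sigma_1, \dots, \sigma_n$ of $n$ signers on messages $m_1, \dots, m_n$ are combined into
$$\sigma = \mathrm{Agg}(\sigma_1, \dots, \sigma_n),$$
and the verifier runs one check
$$\mathrm{Verify}\big(\{(ID_i, PK_i, m_i)\}_{i=1}^{n},\ \sigma\big) \in \{0,1\}$$
instead of $n$ individual checks. The scheme is compact when $|\sigma| = |\sigma_i|$, i.e. the aggregate is a single group element (or a fixed number of them) regardless of $n$, so the signature bandwidth drops from $n\,|\sigma_i|$ to $|\sigma_i|$; the $n$ identities, public keys and messages are still needed by the verifier.

The adversary types named in the abstract are those of the same model. A Type I adversary $\mathcal{A}_I$ does not know the master secret $s$ but may replace any user's public key $PK_i$ with a value of its own choosing, which models the absence of certificates binding $PK_i$ to $ID_i$. A Type II adversary $\mathcal{A}_{II}$ (a malicious KGC) knows $s$ but cannot replace public keys. A universal forgery is the strongest outcome for either adversary: a valid signature on any message of the adversary's choosing for a target identity, as opposed to an existential forgery on some message the adversary does not control.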
Keywords