IEEE Access (Jan 2019)

Top-Level Secure Certificateless Signature Against Malicious-But-Passive KGC

  • Wenjie Yang,
  • Shangpeng Wang,
  • Wei Wu,
  • Yi Mu

DOI
https://doi.org/10.1109/ACCESS.2019.2935252
Journal volume & issue
Vol. 7
pp. 112870 – 112878

Abstract

Read online

Certificateless signature (CLS) has no need of public key certificates and also avoids excessive dependence to a third party like that in identity-based setting. Recently, Shim (IEEE Systems Journal, doi:10.1109/JSYST.2018.2844809) came up with a CLS scheme independent of random oracles and asserted that the construction can be immune to the public key replacement attacks and the malicious-but-passive key generation center (KGC) attacks. In this paper, we analyze the security of Shim's scheme and point out that his conclusions are incorrect by giving two concrete counter-examples. We repair the scheme and put forward a CLS scheme secure against public key replacement attacks and malicious-but-passive KGC attacks without relying on random oracles. Compared with Shim's scheme, our construction has lower execution cost for signing and verification, and achieves Girault's top-level security, which means that a victim can repudiate the forgeries based on a false secret key generated by the KGC.

Keywords