Informatica

The primitive of certificateless signature, since its invention, has become a widely studied paradigm due to the lack of key escrow problem and certificate management problem. However, this primitive cannot resist catastrophic damage caused by key exposure. Therefore, it is necessary to integrate revocation mechanism into certificateless signature. In this paper, we propose a new certificateless signature scheme with revocation (RCLS) and prove its security under the standard model. In the meanwhile, our scheme can resist malicious-but-passive Key Generation Center (KGC) attacks that were not possible in previous solutions. The theoretical analysis shows our scheme has high efficiency and practicality.

A proxy signature scheme enables an original signer to delegate its signing capability to a proxy signer and then the proxy signer can sign a message on behalf of the original signer. Recently, in order to eliminate the use of certificates in certified public key cryptography and the key-escrow problem in identity-based cryptography, the notion of certificateless public key cryptography was introduced. In this paper, we first present a security model for certificateless proxy signature schemes, and then propose an efficient construction based on bilinear pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie–Hellman problem in the random oracle with a tight reduction.

In 2001, Hsu et al. proposed a non‐repudiable threshold proxy signature with known signers. In their scheme, the proxy group cannot deny having signed the proxy signature if they did. However, Hsu et al.'s scheme is vulnerable to some attacks. A malicious original signer or malicious proxy signer can impersonate some other proxy signers to generate proxy signatures. In this article, we shall present our cryptanalysis of the Hsu et al.'s scheme. After that, we shall propose a new threshold proxy signature that can overcome the weaknesses.

Sun's nonrepudiation threshold proxy signature scheme is not secure against the collusion attack. In order to guard against the attack, Hwang et al. proposed another threshold proxy signature scheme. However, a new attack is proposed to work on both Hwang et al.'s and Sun's schemes. By executing this attack, one proxy signer and the original signer can forge any valid proxy signature. Therefore, both Hwang et al.'s scheme and Sun's scheme were insecure.

In the (t,n) proxy signature scheme, the signature, originally signed by a signer, can be signed by t or more proxy signers out of a proxy group of n members. Recently, an efficient nonrepudiable threshold proxy signature scheme with known signers was proposed by H.-M. Sun. Sun's scheme has two advantages. One is nonrepudiation. The proxy group cannot deny that having signed the proxy signature. Any verifier can identify the proxy group as a real signer. The other is identifiable signers. The verifier is able to identify the actual signers in the proxy group. Also, the signers cannot deny that having generated the proxy signature. In this article, we present a cryptanalysis of the Sun's scheme. Further, we propose a secure, nonrepudiable and known signers threshold proxy signature scheme which remedies the weakness of the Sun's scheme.