Cryptanalysis and Improvement of a New Certificateless Signature Scheme in the Standard Model

摘要

Digital signature,as an important cryptographic primitive,has been widely used in many application scenarios,such as e-commerce,authentication,cloud computing,and so on.Certificateless Public Key Cryptography(PKC)can get rid of the certificate management problem in the traditional Public Key Infrastructure(PKI)and eliminate the key-escrow problem in the identity-based PKC.Lately,a new Certificateless Signature(CLS)scheme has been proposed by Kyung-Ah Shim(IEEE SYSTEMS JOURNAL,2018,13(2)),which claimed to achieve provable security in the standard model.Unfortunately,we present a concrete attack to demonstrate that the scheme cannot defend against the Type I adversary.In this type of attack,the adversary can replace the public key of the signer,and then he plays the role of the signer to forge a legal certificateless signature on any message.Furthermore,we give an improved CLS scheme to resist such an attack.In terms of the efficiency and the signature length,the improved CLS is preferable to the original scheme and some recently proposed CLS schemes in the case of precomputation.