Security Analysis of a Revocable and Strongly Unforgeable Identity-Based Signature Scheme

Authors

  • Xiaodong Yang, College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, Gansu, China; State Key Laboratory of Cryptology, Beijing 100878, China
  • Tingchun Ma, College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, Gansu, China
  • Ping Yang, College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, Gansu, China
  • Faying An, College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, Gansu, China
  • Caifen Wang, College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, Gansu, China

DOI:

https://doi.org/10.5755/j01.itc.47.3.18528

Keywords:

Revocable identity-based signature, strong unforgeability, signing key exposure, standard model, bilinear pairing, security

Abstract

Revocation functionality is very important for an identity-based signature to revoke users efficiently and securely. Hung et al. proposed a revocable identity-based signature (RIBS) scheme in the standard model and proved that it was strongly unforgeable against chosen-message attacks. However, we find that their RIBS scheme is insecure. In this paper, we provide a security analysis of Hung et al.’s RIBS scheme by showing concrete attacks. Our analysis shows that Hung et al.’s RIBS scheme does not satisfy the requirement of strong unforgeability, and thus, an adversary can forge a legal signature for a previously signed message. We also note serious flaws in their security proofs. The simulator of Hung et al.’s security argument cannot correctly answer the signing query in the security model, and the adversary can obtain any valid signature. Furthermore, we demonstrate that Hung et al.’s RIBS scheme is vulnerable to signing key exposure attacks. To solve these problems, we construct an improved RIBS scheme with strong unforgeability and signing key exposure resistance in the standard model. Compared with previous RIBS schemes without random oracles, our scheme has advantages regarding computational cost and security.

Published

2018-09-10

Section

Articles