Security pitfalls of an efficient threshold proxy signature scheme for mobile agents

Authors:
Yong Yu;Yi Mu;Willy Susilo;Man Ho Au
Affiliations:
School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, 610054, PR China and School of Computer Science and Software Engineering, University ...;School of Computer Science and Software Engineering, University of Wollongong, Wollongong, NSW 2522, Australia;School of Computer Science and Software Engineering, University of Wollongong, Wollongong, NSW 2522, Australia;School of Computer Science and Software Engineering, University of Wollongong, Wollongong, NSW 2522, Australia
Venue:
Information Processing Letters
Year:
2014

Citing 15
Cited 0

A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
New nonrepudiable threshold proxy signature scheme with known signers

Journal of Systems and Software
Proxy signature schemes based on factoring

Information Processing Letters
Secure Mobile Agent Using Strong Non-designated Proxy Signature

ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Proxy signatures, Revisited

ICICS '97 Proceedings of the First International Conference on Information and Communication Security
A Practical (t, n) Threshold Proxy Signature Scheme Based on the RSA Cryptosystem

IEEE Transactions on Knowledge and Data Engineering
Comments on "A Practical (t,n) Threshold Proxy Signature Scheme Based on the RSA Cryptosystem'

IEEE Transactions on Knowledge and Data Engineering
A Computational Introduction to Number Theory and Algebra

A Computational Introduction to Number Theory and Algebra
Efficient threshold proxy signature protocol for mobile agents

Information Sciences: an International Journal
Riemann's hypothesis and tests for primality

Journal of Computer and System Sciences
Strongly unforgeable proxy signature scheme secure in the standard model

Journal of Systems and Software
A short proxy signature scheme: efficient authentication in the ubiquitous world

EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Secure Proxy Signature Schemes for Delegation of Signing Rights

Journal of Cryptology
Cryptanalysis of RSA with private key d less than N0.292

IEEE Transactions on Information Theory
Cryptanalysis of short RSA secret exponents

IEEE Transactions on Information Theory

Quantified Score

Hi-index	0.89

Visualization

Abstract

A (t,n) threshold proxy signature scheme enables an original signer to delegate his/her signing power to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t-1 or less of them cannot produce a valid proxy signature. Based on the RSA cryptosystem, Hong proposed an efficient (t,n) threshold proxy signature for mobile agents. Cai et al. found that the scheme due to Hong is proxy-unprotected, meaning that the original signer can generate a valid proxy signature by himself. However, it is unclear whether the scheme can be used in reality after fixing the security problem discovered by Cai et al. In this letter, we provide a detailed analysis on Hong@?s scheme and show that the scheme fails to achieve the properties of secrecy, proxy protected, undeniability, identifiability and even time constraint and thus adopted of this efficient construction in practice is not recommended.