Certificateless cryptography involves a Key Generation Center (KGC) which issues a partial key to a user, while the user independently generates an additional public/secret key pair. This is done in such a way that the KGC, which knows only the partial key but not the additional secret key, cannot perform any cryptographic operation on behalf of the user, and a third party who replaces the public/secret key pair but does not know the partial key cannot perform any cryptographic operation as the user either. We call the attack launched by such a third party the key replacement attack. At ACISP 2004, Yum and Lee proposed a generic construction of digital signature schemes under the framework of certificateless cryptography. In this paper, we show that their generic construction is insecure against the key replacement attack. In particular, we give some concrete examples to show that the security requirements of some building blocks they specified are insufficient to support some of their security claims. We then propose a modification of their scheme and show its security in a new and simplified security model. We show that our simplified definition and adversarial model not only capture all the distinct features of certificateless signature but are also more versatile than all comparable ones. We believe that the model itself is of independent interest.

A conventional certificateless signature scheme only achieves Girault's Level 2 security. To achieve Level 3 security, as a conventional signature scheme in a Public Key Infrastructure does, we propose an extension to our definition of certificateless signature scheme and introduce an additional security model for this extension. We show that our generic construction satisfies Level 3 security after some appropriate and simple modification.