On the Security of a Certificate-Based Signature Scheme and Its Improvement with Pairings

  • Jianhong Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5451)


In traditional public key signature, the public key of a signer is essentially a random string selected from a given set. It is infeasible to prove that a party is indeed the signer for a given signature. In general, the public key of a user needs a management authority to authenticate it. It results in that traditional public key cryptosystem (PKC) requires high maintenance cost for certificate management. Although, identity based cryptosystem (IBC) reduces the overhead of management, it suffers from the drawback of key escrow. Certificate-based cryptosystem combines the advantage of both PKC and IBC as it avoids the usage of certificates and does not suffer from key escrow. Recently, Liu proposed an efficient Certificate-based signature and showed that the scheme was secure in the random oracles. Unfortunately, this paper shows that the scheme is insecure and discusses the flaws in their security proof. Then the corresponding attacks are given. To overcome the flaws, an improved scheme is proposed and the result shows that the scheme is provable secure against two game attacks of certificate-based signature in the random oracle model. The security is closely related to the computational Diffie-Hellman problem.


Security analysis attack improved scheme the CDH problem certificate-based signature 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Au, M.H., Liu, J.K., Susilo, W., Yuen, T.H.: Certificate based (Linkable) ring signature. In: Dawson, E., Wong, D.S. (eds.) ISPEC 2007. LNCS, vol. 4464, pp. 79–92. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  2. 2.
    Gentry, C.: Certificate-based Encryption and the Certificate Revocation Problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Geiselmann, W., Steinwandt, R.: A Key Substitution Attack on SFLASH, Cryptology ePrint Archive: Report 2004/245 (2004),
  4. 4.
    Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. Journal of Cryptology 17(4), 297–319Google Scholar
  5. 5.
    Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal of computing 17(2), 281–308 (1988)MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Li, J., Huang, X., Mu, Y., Susilo, W., Wu, Q.: Certificate-based signature: Security model and efficient construction. In: López, J., Samarati, P., Ferrer, J.L. (eds.) EuroPKI 2007. LNCS, vol. 4582, pp. 110–125. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Kang, B.G., Park, J.H., Hahn, S.G.: A certificate-based signature scheme. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 99–111. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Liu, J.K., Baek, J., Susilo, W., Zhou, J.: Cettificate-based Signature Scheme without Pairings or Random oracles. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 285–297. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Nyberg, K., Rueppel, R.A.: Message recovery for signature schemes based on the discrete logarithm problem. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 182–193. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  12. 12.
    Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  13. 13.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  14. 14.
    Wang, L.H., Shao, J., Cao, Z.-F., Mambo, M., Yamamura, A.: A certificate-based proxy cryptosystem with revocable proxy decryption power. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 297–311. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  15. 15.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Zheng, Y.: Identification, Signature and Signcryption using High Order Residues Modulo an RSA Composite. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 48–63. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Zheng, Y.: Signcryption and its applications in efficient public key solutions. In: Okamoto, E. (ed.) ISW 1997. LNCS, vol. 1396, pp. 291–312. Springer, Heidelberg (1998)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Jianhong Zhang
    • 1
  1. 1.College of ScienceNorth China University of TechnologyBeijingP.R. China

Personalised recommendations