Security weaknesses in two proxy signature schemes

J. Lu

doi:10.1007/11751595_50

Security weaknesses in two proxy signature schemes

J. Lu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

Allowing a proxy signer to generate a signature on behalf of an original signer, a proxy signature should satisfy the property of strong unforgeability: anyone except the designated proxy signer cannot create a valid proxy signature on behalf of the original signer. Since proxy signatures, as well as their derivatives, can be used in many applications in reality, such as secure mobile agent, e-commerce systems and etc., they have been receiving extensive research recently. In this paper, we show that the proxy signature scheme [14] from ISPA’04 will suffer from the original signer’s forgery attack if the original signer once gets a valid proxy signature on a message, and a similar attack arises in the proxy signature scheme [1] from AWCC’04 if the verifier does not check the originality of the proxy signer’s proxy public key before verifying a proxy signature. Therefore, in some degree, neither of these two schemes meets the property of strong unforgeability.

Original language	English
Title of host publication	Computational Science and Its Applications - ICCSA 2006
Subtitle of host publication	International Conference, Glasgow, UK, May 8-11, 2006, Proceedings, Part III
Editors	M.L. Gavrilova, O. Gervasi, V. Kumar, C.J.K. Tan, D. Taniar, A. Laganà, Y. Mun, H. Choo
Place of Publication	Berlin
Publisher	Springer
Chapter	50
Pages	466-475
Number of pages	10
ISBN (Electronic)	978-3-540-34076-8
ISBN (Print)	3-540-34075-0, 978-3-540-34075-1
DOIs	https://doi.org/10.1007/11751595_50
Publication status	Published - 2006

Publication series

Name	Lecture Notes in Computer Science (LNCS)
Volume	3982
ISSN (Print)	0302-9743

Access to Document

10.1007/11751595_50

Cite this

Lu, J. (2006). Security weaknesses in two proxy signature schemes. In M. L. Gavrilova, O. Gervasi, V. Kumar, C. J. K. Tan, D. Taniar, A. Laganà, Y. Mun, & H. Choo (Eds.), Computational Science and Its Applications - ICCSA 2006 : International Conference, Glasgow, UK, May 8-11, 2006, Proceedings, Part III (pp. 466-475). (Lecture Notes in Computer Science (LNCS); Vol. 3982). Springer. https://doi.org/10.1007/11751595_50

Lu, J. / Security weaknesses in two proxy signature schemes. Computational Science and Its Applications - ICCSA 2006 : International Conference, Glasgow, UK, May 8-11, 2006, Proceedings, Part III. editor / M.L. Gavrilova ; O. Gervasi ; V. Kumar ; C.J.K. Tan ; D. Taniar ; A. Laganà ; Y. Mun ; H. Choo. Berlin : Springer, 2006. pp. 466-475 (Lecture Notes in Computer Science (LNCS)).

@inproceedings{f1192e1856314af3945c20c1200630d5,

title = "Security weaknesses in two proxy signature schemes",

abstract = "Allowing a proxy signer to generate a signature on behalf of an original signer, a proxy signature should satisfy the property of strong unforgeability: anyone except the designated proxy signer cannot create a valid proxy signature on behalf of the original signer. Since proxy signatures, as well as their derivatives, can be used in many applications in reality, such as secure mobile agent, e-commerce systems and etc., they have been receiving extensive research recently. In this paper, we show that the proxy signature scheme [14] from ISPA{\textquoteright}04 will suffer from the original signer{\textquoteright}s forgery attack if the original signer once gets a valid proxy signature on a message, and a similar attack arises in the proxy signature scheme [1] from AWCC{\textquoteright}04 if the verifier does not check the originality of the proxy signer{\textquoteright}s proxy public key before verifying a proxy signature. Therefore, in some degree, neither of these two schemes meets the property of strong unforgeability.",

author = "J. Lu",

year = "2006",

doi = "10.1007/11751595\_50",

language = "English",

isbn = "3-540-34075-0",

series = "Lecture Notes in Computer Science (LNCS)",

publisher = "Springer",

pages = "466--475",

editor = "M.L. Gavrilova and O. Gervasi and V. Kumar and C.J.K. Tan and D. Taniar and A. Lagan{\`a} and Y. Mun and H. Choo",

booktitle = "Computational Science and Its Applications - ICCSA 2006",

address = "Germany",

}

Lu, J 2006, Security weaknesses in two proxy signature schemes. in ML Gavrilova, O Gervasi, V Kumar, CJK Tan, D Taniar, A Laganà, Y Mun & H Choo (eds), Computational Science and Its Applications - ICCSA 2006 : International Conference, Glasgow, UK, May 8-11, 2006, Proceedings, Part III. Lecture Notes in Computer Science (LNCS), vol. 3982, Springer, Berlin, pp. 466-475. https://doi.org/10.1007/11751595_50

Security weaknesses in two proxy signature schemes. / Lu, J.
Computational Science and Its Applications - ICCSA 2006 : International Conference, Glasgow, UK, May 8-11, 2006, Proceedings, Part III. ed. / M.L. Gavrilova; O. Gervasi; V. Kumar; C.J.K. Tan; D. Taniar; A. Laganà; Y. Mun; H. Choo. Berlin: Springer, 2006. p. 466-475 (Lecture Notes in Computer Science (LNCS); Vol. 3982).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Security weaknesses in two proxy signature schemes

AU - Lu, J.

PY - 2006

Y1 - 2006

N2 - Allowing a proxy signer to generate a signature on behalf of an original signer, a proxy signature should satisfy the property of strong unforgeability: anyone except the designated proxy signer cannot create a valid proxy signature on behalf of the original signer. Since proxy signatures, as well as their derivatives, can be used in many applications in reality, such as secure mobile agent, e-commerce systems and etc., they have been receiving extensive research recently. In this paper, we show that the proxy signature scheme [14] from ISPA’04 will suffer from the original signer’s forgery attack if the original signer once gets a valid proxy signature on a message, and a similar attack arises in the proxy signature scheme [1] from AWCC’04 if the verifier does not check the originality of the proxy signer’s proxy public key before verifying a proxy signature. Therefore, in some degree, neither of these two schemes meets the property of strong unforgeability.

AB - Allowing a proxy signer to generate a signature on behalf of an original signer, a proxy signature should satisfy the property of strong unforgeability: anyone except the designated proxy signer cannot create a valid proxy signature on behalf of the original signer. Since proxy signatures, as well as their derivatives, can be used in many applications in reality, such as secure mobile agent, e-commerce systems and etc., they have been receiving extensive research recently. In this paper, we show that the proxy signature scheme [14] from ISPA’04 will suffer from the original signer’s forgery attack if the original signer once gets a valid proxy signature on a message, and a similar attack arises in the proxy signature scheme [1] from AWCC’04 if the verifier does not check the originality of the proxy signer’s proxy public key before verifying a proxy signature. Therefore, in some degree, neither of these two schemes meets the property of strong unforgeability.

U2 - 10.1007/11751595_50

DO - 10.1007/11751595_50

M3 - Conference contribution

SN - 3-540-34075-0

SN - 978-3-540-34075-1

T3 - Lecture Notes in Computer Science (LNCS)

SP - 466

EP - 475

BT - Computational Science and Its Applications - ICCSA 2006

A2 - Gavrilova, M.L.

A2 - Gervasi, O.

A2 - Kumar, V.

A2 - Tan, C.J.K.

A2 - Taniar, D.

A2 - Laganà, A.

A2 - Mun, Y.

A2 - Choo, H.

PB - Springer

CY - Berlin

ER -

Lu J. Security weaknesses in two proxy signature schemes. In Gavrilova ML, Gervasi O, Kumar V, Tan CJK, Taniar D, Laganà A, Mun Y, Choo H, editors, Computational Science and Its Applications - ICCSA 2006 : International Conference, Glasgow, UK, May 8-11, 2006, Proceedings, Part III. Berlin: Springer. 2006. p. 466-475. (Lecture Notes in Computer Science (LNCS)). doi: 10.1007/11751595_50

Security weaknesses in two proxy signature schemes

Abstract

Publication series

Access to Document

Fingerprint

Cite this