Cryptology ePrint Archive: Report 2012/062

On the Security of Attribute Based Signature Schemes

S Sharmila Deva Selvi and Subhashini Venugopalan and C. Pandu Rangan

Abstract: Attribute based signatures allow users possessing a set of credentials to sign documents; although the credentials of the signer can be verified, signers can still continue to retain a reasonable degree of anonymity. In this work we discuss aspects regarding the security of some attribute based signature schemes. In particular, we show multiple breaks in the existing threshold attribute based signature schemes by Li et al. 2010. We first claim that the scheme is not secure, since it allows, a signer possessing keys for some attributes to perform universal forgery and produce a signature that can satisfy the threshold for a set of attributes she does not possess. We then show a total break in the system, where the attacker can derive a part of the secret key and act as the key generating authority to generate private keys for other users. We also include examples of the attacks to highlight the flaws of this scheme, and other ABS schemes in Li and Kim 2008, Shahandashti et al. 2009, and Kumar et al. 2010; all of which employ the same or a similar key construct.

Category / Keywords: cryptographic protocols / attribute, signatures

Date: received 11 Feb 2012, last revised 11 Feb 2012, withdrawn 20 Mar 2012

Contact author: subhashini venugopalan at gmail com

Available formats: (-- withdrawn --)

Note: Errors were pointed out by reviewers.

Version: 20120320:101033 (All versions of this report)

Discussion forum: Show discussion | Start new discussion