Paper 2019/940

Security analysis of two lightweight certificateless signature schemes

Nasrollah Pakniat

Abstract

Certificateless cryptography can be considered as an intermediate solution to overcome the issues in traditional public key infrastructure (PKI) and identity-based public key cryptography (ID-PKC). There exist a vast number of certificateless signature (CLS) schemes in the literature; however, most of them are not efficient enough to be utilized in limited resources environments such as Internet of things (IoT) or Healthcare Wireless Sensor Networks (HWSN). Recently, two lightweight CLS schemes have been proposed by Karati et al. and Kumar et al. to be employed in IoT and HWSNs, respectively. While both schemes are claimed to be existentially unforgeable, in this paper, we show that both these signatures can easily be forged. More specifically, it is shown that 1) in Karati et al.'s scheme, a type 1 adversary, considered in certificateless cryptography, can generate a valid partial private key corresponding to any user of its choice and as a consequence, it can forge any users' signature on any message of its choice, and 2) in Kumar et al.'s scheme, both types of adversaries which are considered in certificateless cryptography are able to forge any signer's signature on an arbitrary message.

Note: Please cite this article as: Pakniat, N. (2019). Security Analysis of Two Lightweight Certificateless Signature Schemes. Journal of Computing and Security, 5(2), 1-7. doi: 10.22108/jcs.2019.110889.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. Journal of Computing and Security
DOI
10.22108/JCS.2019.110889
Keywords
Certificateless cryptographyCryptanalysisSignatureIndustrial Internet of ThingsHealthcare Wireless Sensor Networks.
Contact author(s)
pakniat @ irandoc ac ir
History
2019-08-18: received
Short URL
https://ia.cr/2019/940
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/940,
      author = {Nasrollah Pakniat},
      title = {Security analysis of two lightweight certificateless signature schemes},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/940},
      year = {2019},
      doi = {10.22108/JCS.2019.110889},
      url = {https://eprint.iacr.org/2019/940}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.