Insecurity of One Decentralized Attribute-based Signature Scheme for Social Co-governance

Zhengjun Cao; Lihua Liu

Paper 2025/599

Insecurity of One Decentralized Attribute-based Signature Scheme for Social Co-governance

Zhengjun Cao

Lihua Liu

Abstract

We show that the attribute-based signature scheme [Information Sciences, 654(2024), 119839] is insecure, because an adversary can generate valid signatures for any message even though he cannot access the signer's secret key. The four components of signature ${δ_{1}, δ_{2}, δ_{3}, δ_{4}}$ are not tightly bound to the target message $M$ and the signer's public key. The dependency between the signer's public key and secret key is not properly used to construct any intractable problem. The inherent flaw results in that the adversary can find an efficient signing algorithm functionally equivalent to the valid signing algorithm.

Metadata

Available format(s): PDF
Category: Attacks and cryptanalysis
Publication info: Preprint.
Keywords: Attribute-based signature forgery attack signing algorithm verification algorithm anonymity
Contact author(s): liulh @ shmtu edu cn
History: 2025-04-04: approved; 2025-04-02: received; See all versions
Short URL: https://ia.cr/2025/599
License: CC0

BibTeX

@misc{cryptoeprint:2025/599,
      author = {Zhengjun Cao and Lihua Liu},
      title = {Insecurity of One Decentralized Attribute-based Signature Scheme for Social Co-governance},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/599},
      year = {2025},
      url = {https://eprint.iacr.org/2025/599}
}