Paper 2025/834
A Note on ``CABC: A Cross-Domain Authentication Method Combining Blockchain with Certificateless Signature for IIoT''
Abstract
We show that the authentication method [Future Gener. Comput. Syst. 158: 516-529 (2024)] cannot be practically implemented, because the signature scheme is insecure against certificateless public key replacement forgery attack. The explicit dependency between the certificateless public key and secret key is not properly used to construct some intractable problems, such as Elliptic Curve Discrete Logarithm (ECDL). An adversary can find an efficient signing algorithm functionally equivalent to the valid signing algorithm. We also correct some typos in the original presentation.
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Certificateless signaturesigning algorithmverification algorithmforgery attack
- Contact author(s)
- liulh @ shmtu edu cn
- History
- 2025-05-12: approved
- 2025-05-10: received
- See all versions
- Short URL
- https://ia.cr/2025/834
- License
-
CC0
BibTeX
@misc{cryptoeprint:2025/834, author = {Zhengjun Cao and Lihua Liu}, title = {A Note on ``{CABC}: A Cross-Domain Authentication Method Combining Blockchain with Certificateless Signature for {IIoT}''}, howpublished = {Cryptology {ePrint} Archive, Paper 2025/834}, year = {2025}, url = {https://eprint.iacr.org/2025/834} }