¡@

Certificateless signature scheme is a practical solution to confront the drawback, Key Generation Center (KGC) being able to forge the signature of a user, of an identity based (ID-based) signature scheme. Lots of previous research results have shown the security models and the generic constructions for certificateless signatures. However, most of them did not satisfy Girault¡¦s level-3 security which the conventional public key infrastructure (PKI) can achieve. Until 2007, Hu et al. introduced a generic construction and security model that can fulfill the requirement of Girault¡¦s level-3 security. Recently, Du and Wen proposed a certificateless shortsignature scheme which is more computation efficient than the previous ones. But a flaw in security proofs and lack of Girault¡¦s level-3 security can be still found in their scheme. In this paper, a cryptanalysis on Du-Wen scheme and an improved scheme will be presented, and we also provide formal proofs to demonstrate the security of the proposed scheme.

Keywords: certificateless signature, ID-based cryptosystems, Girault's security, random oracles, non-repudiation

Retrieve PDF document (201105_10.pdf)

Received October 1, 2009; revised January 26, 2010; accepted May 19, 2010.
Communicated by Chin-Laung Lei.
^* A partial result of this research was presented at the Fourth Joint Workshop on Information Security (JWIS), Kaohsiung, Taiwan, August 6-7, 2009, which was sponsored by Japan Information and Communication System Security of the Institute of Electronics, Japan Information and Communication Engineers, Korea Institute for Information Security and Cryptology, Chinese Cryptology and Information Security Association, and Taiwan Information Security Center. This work was supported in part by the National Science Council of Taiwan, R.O.C. under grants No. NSC 98-2219-E-110-001 and NSC 96-2221-E-110-071-MY3.