Security analysis of the unrestricted identity-based aggregate signature scheme

Kwangsu Lee; Dong Hoon Lee

doi:10.1371/journal.pone.0128081

Security analysis of the unrestricted identity-based aggregate signature scheme

Kwangsu Lee, Dong Hoon Lee

School of Cybersecurity

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.

Original language	English
Article number	e0128081
Journal	PloS one
Volume	10
Issue number	5
DOIs	https://doi.org/10.1371/journal.pone.0128081
Publication status	Published - 2015 May 18

ASJC Scopus subject areas

Biochemistry, Genetics and Molecular Biology(all)
Agricultural and Biological Sciences(all)
General

Access to Document

10.1371/journal.pone.0128081

Cite this

@article{da8a967d768141309deab4b2b7def1c1,

title = "Security analysis of the unrestricted identity-based aggregate signature scheme",

abstract = "Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.",

author = "Kwangsu Lee and Lee, {Dong Hoon}",

note = "Publisher Copyright: {\textcopyright} 2015 Lee, Lee. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.",

year = "2015",

month = may,

day = "18",

doi = "10.1371/journal.pone.0128081",

language = "English",

volume = "10",

journal = "PLoS One",

issn = "1932-6203",

publisher = "Public Library of Science",

number = "5",

}

TY - JOUR

T1 - Security analysis of the unrestricted identity-based aggregate signature scheme

AU - Lee, Kwangsu

AU - Lee, Dong Hoon

N1 - Publisher Copyright: © 2015 Lee, Lee. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.

PY - 2015/5/18

Y1 - 2015/5/18

N2 - Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.

AB - Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.

UR - http://www.scopus.com/inward/record.url?scp=84930619421&partnerID=8YFLogxK

U2 - 10.1371/journal.pone.0128081

DO - 10.1371/journal.pone.0128081

M3 - Article

C2 - 25993247

AN - SCOPUS:84930619421

VL - 10

JO - PLoS One

JF - PLoS One

SN - 1932-6203

IS - 5

M1 - e0128081

ER -

Security analysis of the unrestricted identity-based aggregate signature scheme

Abstract

ASJC Scopus subject areas

Access to Document

Other files and links

Cite this