Security analysis of the unrestricted identity-based aggregate signature scheme

Kwangsu Lee, Dong Hoon Lee

Research output: Contribution to journal (Article)

Abstract

Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.

Original language: English
Article number: e0128081
Journal: PLoS One
Volume: 10
Issue number: 5
Publication status: Published - 2015 May 18


ASJC Scopus subject areas

  • Agricultural and Biological Sciences (all)
  • Biochemistry, Genetics and Molecular Biology (all)
  • Medicine (all)

Cite this

Security analysis of the unrestricted identity-based aggregate signature scheme. / Lee, Kwangsu; Lee, Dong Hoon.

In: PLoS One, Vol. 10, No. 5, e0128081, 18.05.2015.

@article{da8a967d768141309deab4b2b7def1c1,
title = "Security analysis of the unrestricted identity-based aggregate signature scheme",
abstract = "Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.",
author = "Kwangsu Lee and Lee, {Dong Hoon}",
year = "2015",
month = "5",
day = "18",
doi = "10.1371/journal.pone.0128081",
language = "English",
volume = "10",
journal = "PLoS One",
issn = "1932-6203",
publisher = "Public Library of Science",
number = "5",

}

TY - JOUR

T1 - Security analysis of the unrestricted identity-based aggregate signature scheme

AU - Lee, Kwangsu

AU - Lee, Dong Hoon

PY - 2015/5/18

Y1 - 2015/5/18

N2 - Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.

AB - Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.

UR - http://www.scopus.com/inward/record.url?scp=84930619421&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84930619421&partnerID=8YFLogxK

U2 - 10.1371/journal.pone.0128081

DO - 10.1371/journal.pone.0128081

M3 - Article

VL - 10

JO - PLoS One

JF - PLoS One

SN - 1932-6203

IS - 5

M1 - e0128081

ER -