Weakness and Improvement of a Certificate-Based Key-Insulated Signature in the Standard Model
<span class=”paragraphSection”><div class=”boxTitle”>Abstract</div>Certificate-based cryptography is a novel cryptographic primitive that has many attractive merits. It solves the certificate revocation problem in conventional public key cryptography and overcomes the key-escrow problem in identity-based cryptography. Recently, Li <span style=”font-style:italic;”>et al</span>. presented a certificate-based key-insulated signature (CBKIS) scheme in the standard model. However, their scheme suffers from a security vulnerability caused by the malicious certification authority (CA) attack. Our cryptanalysis shows that a malicious CA is able to break its unforgeability by implanting some trapdoors in the public system parameters. To remedy the security weakness in Li <span style=”font-style:italic;”>et al</span>.’s scheme, we put forward an improved CBKIS scheme. Under the complexity assumption of the square computational Diffie–Hellman problem, the improved scheme is proven to be existentially unforgeable in the standard model. Compared with the original CBKIS scheme proposed by Li <span style=”font-style:italic;”>et al</span>., it enjoys better performance while offering stronger security guarantee as it can resist the malicious CA attack.</span> Source: Oxford Journals
Weakness and Improvement of a Certificate-Based Key-Insulated Signature in the Standard Model was originally published on Computer Guru
