ABSTRACT
Many identity-based proxy signature (IBPS) schemes have been proposed, but most were proved to be secure using a random oracle model, which has attracted considerable criticism. Cao and Cao proposed an IBPS scheme using the standard model, but their scheme was shown to be insecure because it could not resist a delegator attack. In order to overcome this weakness, Gu et al. proposed a new IBPS scheme in 2013 that uses the standard model and they also provided a detailed security model for IBPS. However, in this study, we demonstrate that Gu et al.'s scheme is still vulnerable to delegator attack. In order to correct this problem, we propose an improvement of the IBPS scheme described by Gu et al. We also present an efficiency analysis for our scheme and a detailed security proof based on the computational Diffie–Hellman assumption.
ACM Computing Classification System Code:
Disclosure statement
No potential conflict of interest was reported by the authors.
Notes
1. According to the description of the security model for IBPS in Section 2.4, an adversary can obtain all of the useful information except the private key of an attack object, and the adversary can also make polynomially many queries on the key and signature in four situations. Thus, it is very easy for the adversary to obtain a proxy signing key for a warrant, which is selected by the adversary.