Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments
As an extremely significant cryptographic primitive, certificateless signature (CLS) schemes can provide message authentication with no use of traditional digital certificates. High efficiency and provable security without random oracle are challenges in designing a CLS scheme. Recently, Karati <...
Main Authors: | Bo Zhang, Tianqing Zhu, Chengyu Hu, Chuan Zhao |
---|---|
Format: | Article |
Language: | English |
Published: | IEEE 2018-01-01 |
Series: | IEEE Access |
Subjects: | Public key replacement attack, known message attack, digital signature, certificateless |
Online Access: | https://ieeexplore.ieee.org/document/8548608/ |
_version_ | 1818854592000032768 |
---|---|
author | Bo Zhang Tianqing Zhu Chengyu Hu Chuan Zhao |
author_facet | Bo Zhang Tianqing Zhu Chengyu Hu Chuan Zhao |
author_sort | Bo Zhang |
collection | DOAJ |
description | As an extremely significant cryptographic primitive, certificateless signature (CLS) schemes can provide message authentication with no use of traditional digital certificates. High efficiency and provable security without random oracle are challenges in designing a CLS scheme. Recently, Karati et al. proposed an efficient pairing-based CLS scheme with no use of map-to-point hash function and random oracle model to provide data authenticity in Industrial Internet of Things (IIoT) systems. The security proof was given under several hardness assumptions. However, we notice that both public key replacement attack and known message attack are existing in Karati et al.’s scheme. Any adversary without knowledge of signer’s private key is capable of forging valid signatures. This leads to several serious consequences. For example, anybody can sign IIoT data on behalf of IIoT data owner without being detected. |
first_indexed | 2024-12-19T07:55:09Z |
format | Article |
id | doaj.art-b4ae7b14056b4b3d8c93e84bba35d804 |
institution | Directory Open Access Journal |
issn | 2169-3536 |
language | English |
last_indexed | 2024-12-19T07:55:09Z |
publishDate | 2018-01-01 |
publisher | IEEE |
record_format | Article |
series | IEEE Access |
spelling | doaj.art-b4ae7b14056b4b3d8c93e84bba35d804; 2022-12-21T20:30:02Z; eng; IEEE; IEEE Access; 2169-3536; 2018-01-01; 6; 73885; 73894; 10.1109/ACCESS.2018.2883581; 8548608; Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments; Bo Zhang (0), https://orcid.org/0000-0003-4227-1741; Tianqing Zhu (1); Chengyu Hu (2), https://orcid.org/0000-0002-5523-2672; Chuan Zhao (3), https://orcid.org/0000-0001-9106-6010; School of Information Science and Engineering, University of Jinan, Jinan, China; School of Software, University of Technology Sydney, Ultimo, NSW, Australia; School of Software, Shandong University, Jinan, China; School of Information Science and Engineering, University of Jinan, Jinan, China; As an extremely significant cryptographic primitive, certificateless signature (CLS) schemes can provide message authentication with no use of traditional digital certificates. High efficiency and provable security without random oracle are challenges in designing a CLS scheme. Recently, Karati et al. proposed an efficient pairing-based CLS scheme with no use of map-to-point hash function and random oracle model to provide data authenticity in Industrial Internet of Things (IIoT) systems. The security proof was given under several hardness assumptions. However, we notice that both public key replacement attack and known message attack are existing in Karati et al.’s scheme. Any adversary without knowledge of signer’s private key is capable of forging valid signatures. This leads to several serious consequences. For example, anybody can sign IIoT data on behalf of IIoT data owner without being detected.; https://ieeexplore.ieee.org/document/8548608/; Public key replacement attack; known message attack; digital signature; certificateless |
spellingShingle | Bo Zhang Tianqing Zhu Chengyu Hu Chuan Zhao Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments IEEE Access Public key replacement attack known message attack digital signature certificateless |
title | Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments |
title_full | Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments |
title_fullStr | Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments |
title_full_unstemmed | Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments |
title_short | Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments |
title_sort | cryptanalysis of a lightweight certificateless signature scheme for iiot environments |
topic | Public key replacement attack known message attack digital signature certificateless |
url | https://ieeexplore.ieee.org/document/8548608/ |
work_keys_str_mv | AT bozhang cryptanalysisofalightweightcertificatelesssignatureschemeforiiotenvironments AT tianqingzhu cryptanalysisofalightweightcertificatelesssignatureschemeforiiotenvironments AT chengyuhu cryptanalysisofalightweightcertificatelesssignatureschemeforiiotenvironments AT chuanzhao cryptanalysisofalightweightcertificatelesssignatureschemeforiiotenvironments |