About the Security for HW Threshold Proxy Signature Scheme with self-certified Public Key System

In a (t, n) threshold proxy signature scheme, one original signer delegates a group of n proxy signers to sign on behalf of the original signer. When the proxy signature is created, at least t proxy signers cooperate to produce valid proxy signatures and any less than t proxy signers can’t cooperatively generate valid proxy signatures. Self-certified public key systems have attracted more and more attention because of its advantages. In 2005, Hsu and Wu designed a self-certified threshold proxy signature scheme with message recovery, nonrepudiation and traceability, which is based on Hsu et al.’s self-certified public key system. Park et al. showed that Hsu and Wu’s self-certified threshold proxy signature scheme is insecure against the malicious original signer in 2006. That is, Hsu and Wu’s scheme suffers from the cheat attack, where a malicious original signer can cheat CA into extracting a proxy signing key of a proxy signer. We analyzed Park et al’s security analysis for Hsu and Wu’s scheme and pointed out that the cheat attack proposed by Park et al. can’t succeed. In one hand, in self-certified public system, users cannot freely change their private or public keys. If users want to change their private or public keys, CA has some corresponding strategy to limit users’ behaviors. In the other hand, if some disagreement about the forged threshold proxy signature occurs, there are two solutions to deal with it. One solution depends on the help of CA and the other solution relies on the help of the delegated proxy signer.