ChinaCom2009-Network and Information Security Symposium

Research Article

About the Security for HW Threshold Proxy Signature Scheme with self-certified Public Key System

  • @INPROCEEDINGS{10.1109/CHINACOM.2009.5339886,
        author={Fengying Li and Qingshui Xue and Jiping Zhang and Zhenfu Cao},
        title={About the Security for HW Threshold Proxy Signature Scheme with self-certified Public Key System},
        proceedings={ChinaCom2009-Network and Information Security Symposium},
        publisher={IEEE},
        proceedings_a={CHINACOM2009-NIS},
        year={2009},
        month={11},
        keywords={Cryptography; Digital signatures; Proxy signature; threshold proxy signature; Self-certified},
        doi={10.1109/CHINACOM.2009.5339886}
    }
    
  • Fengying Li
    Qingshui Xue
    Jiping Zhang
    Zhenfu Cao
    Year: 2009
    About the Security for HW Threshold Proxy Signature Scheme with self-certified Public Key System
    CHINACOM2009-NIS
    IEEE
    DOI: 10.1109/CHINACOM.2009.5339886
Fengying Li1,*, Qingshui Xue2,*, Jiping Zhang1,*, Zhenfu Cao3,*
  • 1: Dept. of Education Information Technology East China Normal University Shanghai, China
  • 2: School of techniques Shanghai Jiaotong University Shanghai, China
  • 3: Dept. of Computer Science and Engineering Shanghai Jiao Tong University Shanghai, China
*Contact email: fyli@sjtu.edu.cn, xue-qsh@sjtu.edu.cn, jpzhang@deit.ecnu.edu.cn, zfcao@cs.sjtu.edu.cn

Abstract

In a (t, n) threshold proxy signature scheme, one original signer delegates a group of n proxy signers to sign on behalf of the original signer. When the proxy signature is created, at least t proxy signers cooperate to produce valid proxy signatures and any less than t proxy signers can’t cooperatively generate valid proxy signatures. Self-certified public key systems have attracted more and more attention because of its advantages. In 2005, Hsu and Wu designed a self-certified threshold proxy signature scheme with message recovery, nonrepudiation and traceability, which is based on Hsu et al.’s self-certified public key system. Park et al. showed that Hsu and Wu’s self-certified threshold proxy signature scheme is insecure against the malicious original signer in 2006. That is, Hsu and Wu’s scheme suffers from the cheat attack, where a malicious original signer can cheat CA into extracting a proxy signing key of a proxy signer. We analyzed Park et al’s security analysis for Hsu and Wu’s scheme and pointed out that the cheat attack proposed by Park et al. can’t succeed. In one hand, in self-certified public system, users cannot freely change their private or public keys. If users want to change their private or public keys, CA has some corresponding strategy to limit users’ behaviors. In the other hand, if some disagreement about the forged threshold proxy signature occurs, there are two solutions to deal with it. One solution depends on the help of CA and the other solution relies on the help of the delegated proxy signer.