Cryptanalysis of a secure and efficient identity-based signature scheme
The distinguishing characteristic of identity-based signatures is that only the identity with no certificate of a signer is involved in the verification of a signature, which simplifies the key management procedures dramatically. A novel identity-based signature scheme that can be proven secure in the standard model was given by Paterson and Schuldt in 2006. Unfortunately, the scheme is not efficient in computation. An improvement due to Gu, et al. was proposed recently to improve the computational efficiency, and it was claimed as being provably secure in the standard model and more efficient than the known schemes in the same flavor. However, this paper shows that the new scheme by Gu, et al. is insecure by demonstrating two concrete attacks in which an adversary can not only forge the private key of an identity but also forge signatures on arbitrary message. The study also identifies a flaw in their security proofs, i.e., the view of the adversary in the security reduction is not independent of the event that the simulation succeeds. Copyright 2014, Institute of Software, the Chinese Academy of Sciences. All rights reserved.