A proxy signature scheme allows an entity to delegate his/her signing capability to another entity in such a way that the latter can sign messages on behalf of the former. Such schemes have been suggested for use in a number of applications, particularly in distributed computing where delegation of rights is quite common. Followed by the first schemes introduced by Mambo, Usuda and Okamoto in 1996, a number of new schemes and improvements have been proposed. In this paper, we present a security analysis of four such schemes newly proposed. By successfully identifying several interesting forgery attacks, we show that these four schemes all are insecure. Consequently, the fully distributed proxy scheme is also insecure since it is based on the (insecure) LKK scheme. In addition, we point out the reasons why the security proofs provided are invalid.
- Digital signatures,
- proxy signatures,
- security analysis
Available at: http://works.bepress.com/gwang/6/