Dr. Duncan S. Wong
City University of Hong Kong, China
Title: Certificateless Signature: a New Security Model and an Improved Generic Construction
Certificateless cryptography involves a Key Generation Center (KGC) which issues a partial key to a user, while the user also
independently generates an additional public/secret key pair. The result is that the KGC, who knows only the partial key but not
the additional secret key, is not able to perform any cryptographic operation on behalf of the user; and a third party who replaces the
public/secret key pair but does not know the partial key cannot perform any cryptographic operation as the user either. We call this
attack, launched by the third party, the key replacement attack. In ACISP 2004, Yum and Lee proposed a generic construction of
digital signature schemes under the framework of certificateless cryptography. In this talk, we show that their generic
construction is insecure against the key replacement attack. In particular, we give some concrete examples to show that the security
requirements of some building blocks they specified are insufficient to support some of their security claims. We then propose a
modification of their scheme and show its security in a new and simplified security model. We show that our simplified definition
and adversarial model not only capture all the distinct features of certificateless signature but are also more versatile when
compared with all the comparable ones. We believe that the model itself is of independent interest.