›› 2013, Vol. 28 ›› Issue (4): 743-748.doi: 10.1007/s11390-013-1372-y

• Information Security • Previous Articles    

Forgeability of Wang-Zhu-Feng-Yau's Attribute-Based Signature with Policy-and-Endorsement Mechanism

Ai-Jun Ge1,2 (葛爱军), Xin-Yi Huang3 (黄欣沂), Cheng Chen4 (陈成), Chuan-Gui Ma1,* (马传贵), Member, CCF, and Rui Zhang2 (张锐), Member, CCF   

  1. 1. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou Information Science and Technology Institute, Zhengzhou 450001, China;
    2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences Beijing 100093, China;
    3. Fujian Provincial Key Laboratory of Network Security and Cryptology, School of Mathematics and Computer Science Fujian Normal University, Fuzhou 350117, China;
    4. Institute of Software, Chinese Academy of Sciences, Beijing 100080, China
  • Received:2012-09-04 Revised:2013-05-30 Online:2013-07-05 Published:2013-07-05
  • Supported by:

    This research was partially supported by the National High Technology Research and Development 863 Program of China under Grant No. 2011AA010803, the National Natural Science Foundation of China under Grant Nos. 61100225, 61202450, the funding of Science and Technology on Information Assurance Laboratory (KJ-13-02), and the Key Scientific and Technological Project of Henan Province of China under Grant No. 122102210126.

Recently, Wang et al. presented a new construction of attribute-based signature with policy-and-endorsement mechanism. The existential unforgeability of their scheme was claimed to be based on the strong Diffie-Hellman assumption in the random oracle model. Unfortunately, by carefully revisiting the design and security proof of Wang et al.'s scheme, we show that their scheme cannot provide unforgeability, namely, a forger, whose attributes do not satisfy a given signing predicate, can also generate valid signatures. We also point out the flaws in Wang et al.'s proof.

[1] Sahai A, Waters B. Fuzzy identity-based encryption. In Proc.the 24th EUROCRYPT, May 2005, pp.457-473.

[2] Bethencourt J, Sahai A, Waters B. Ciphertext-policyattribute-based encryption. In Proc. the IEEE Symposiumon Security and Privacy, May 2007, pp.321-334.

[3] Chase M. Multi-authority attribute based encryption. InProc. the 4th Conf. Theory of Cryptography, Feb. 2007,pp.515-534.

[4] Chase M, Chow S. Improving privacy and security in multi-authority attribute-based encryption. In Proc. ACM Conf.Computer and Communications Security, Nov. 2009, pp.121-130.

[5] Waters B. Ciphertext-policy attribute-based encryption: Anexpressive, efficient, and provably secure realization. In Proc.the 14th Int. Conf. Practice and Theory in Public Key Cryp-tography, March 2011, pp.53-70.

[6] Maji H, Prabhakaran M, Rosulek M. Attribute-based signa-ture: Achieving attribute privacy and collusion-resistance.IACR Cryptology ePrint Archive, 2008, Article No.328.

[7] Li J, Kim K. Hidden attribute-based signatures withoutanonymity revocation. Information Sciences, 2010, 180(9):1681-1689.

[8] Shamir A. Identity-based cryptosystems and signatureschemes. In Proc. CRYPTO 1984, Aug. 1984, pp.47-53.

[9] Wang H, Zhu Y, Feng R, Yau S. Attribute-based signaturewith policy-and-endorsement mechanism. Journal of Com-puter Science and Technology, 2010, 25(6): 1293-1304.

[10] Galbraith S, Paterson K, Smart N. Pairing for cryptographers.Discrete Applied Mathematics, 2008, 156(16): 3113-3121.

[11] Pointcheval D, Stern J. Security arguments for digital sig-natures and blind signatures. Journal of Cryptology, 2000,13(3): 361-396.
No related articles found!
Full text



[1] Zhang Fuyan; Cai Shijie; Wang Shu; Ge Ruding;. The Human-Computer Dialogue Management of FCAD System[J]. , 1988, 3(3): 221 -227 .
[2] Gao Qingshi; Liu Zhiyong;. K-Dimensional Optimal Parallel Algorithm for the Solution of a General Class of Recurrence Equations[J]. , 1995, 10(5): 417 -424 .
[3] Wen-Cheng Wang, Feng Wei, and En-Hua Wu. View Dependent Sequential Point Trees[J]. , 2006, 21(2): 181 -188 .
[4] Hong Mei, Dong-Gang Cao, and Fu-Qing Yang. Development of Software Engineering: A Research Perspective[J]. , 2006, 21(5): 682 -696 .
[5] Yong Liao, Xu-Dong Chen, Guang-Ze Xiong, Qing-Xin Zhu, and Nan Sang. End-to-End Utilization Control for Aperiodic Tasks in Distributed Real-Time Systems[J]. , 2007, 22(1): 135 -146 .
[6] Unil Yun. Analyzing Sequential Patterns in Retail Databases[J]. , 2007, 22(2): 287 -296 .
[7] Maryam Zarezadeh, Hamid Mala, Homa Khajeh. Preserving Privacy of Software-Defined Networking Policies by Secure Multi-Party Computation[J]. Journal of Computer Science and Technology, 2020, 35(4): 863 -874 .
[8] Sen-Shan Pan (潘森杉), Xiao-Tong Fu (傅晓彤), and Wei-Guo Zhang (张卫国), Member, IEEE. Construction of 1-Resilient Boolean Functions with Optimal Algebraic Immunity and Good Nonlinearity[J]. , 2011, 26(2): 269 -275 .
[9] Jia Chen (陈佳), Yi-He Zhu (朱一和), Hao-Fen Wang (王昊奋), Wei Jin (晋薇), and Yong Yu (俞勇). Effective and Efficient Multi-Facet Web Image Annotation[J]. , 2012, 27(3): 541 -553 .
[10] Hao Wang, Chao-Kun Wang, Ya-Jun Xu and Yuan-Chi Ning. Dominant Skyline Query Processing over Multiple Time Series[J]. , 2013, 28(4): 625 -635 .

ISSN 1000-9000(Print)

CN 11-2296/TP

Editorial Board
Author Guidelines
Journal of Computer Science and Technology
Institute of Computing Technology, Chinese Academy of Sciences
P.O. Box 2704, Beijing 100190 P.R. China
E-mail: jcst@ict.ac.cn
  Copyright ©2015 JCST, All Rights Reserved