| Summary: | To achieve source authentication, message integrity, and non-repudiation, a number of authentication protocols adopt several types of digital signatures: public-key signatures, identity-based signatures, and certificateless signatures. In this paper, we show that an anonymous remote authentication scheme for wireless body area network, an anonymous handover authentication scheme, an authentication scheme for emergency mobile cyber-physical system, and an authenticated key agreement protocol based on the three types of signatures schemes are insecure against various impersonation attacks due to insecurity of the underlying signature schemes. These results show that using cryptographic primitives without security proofs causes serious security vulnerabilities on the security protocol itself. Our results give strong evidences that the security of adopted cryptographic primitives should be proved in appropriate formal security models as well as proof of the security protocol itself.
|
|---|
