A Threshold Proxy Signature Scheme Using Self-Certified Public Keys

A (t, n) threshold proxy signature scheme enables an original signer to delegate his/her signing capability to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t−1 or less of them cannot do the same thing. Threshold proxy signatures have been suggested for use in the scenarios of distributed computing where delegation of rights is quite common. In ISPA’04, Xue and Cao proposed a new efficient threshold proxy signature scheme using self-certified public keys. The key advantage of their scheme is that a verifier can simultaneously validate the public keys of the original and proxy signers, and the alleged proxy signature just in a single step. As for the security, they claimed their scheme is secure against internal attacks, external attacks, collusion attacks, and public key substitution attacks. In this paper, however, we successfully identify an insider attack again their scheme. That is, a malicious proxy signer can forge a valid threshold proxy signature on any message. To thwart this attack, some improvements are further proposed.