On the security of an enhanced short signature scheme

TL;DR

This paper critically examines an existing identity-based short signature scheme based on knapsack and bilinear pairing, revealing its insecurity and highlighting the need for more robust cryptographic designs in low-bandwidth environments.

Contribution

The paper demonstrates that Su's proposed scheme is insecure, providing a concrete attack and emphasizing the importance of rigorous security analysis for short signature schemes.

Findings

Su's scheme is vulnerable to forgery attacks

The scheme does not provide the claimed security in the random oracle model

Highlights the necessity for more secure short signature constructions

Abstract

Currently, short signature is receiving significant attention since it is particularly useful in low-bandwidth communication environments. However, most of the short signature schemes are only based on one intractable assumption. Recently, Su presented an identity-based short signature scheme based on knapsack and bilinear pairing. He claimed that the signature scheme is secure in the random oracle model. Unfortunately, in this paper, we show that his scheme is insecure. Concretely, an adversary can forge a valid signature on any message with respect to any identity in Su's scheme.