Security analysis of an identity-based strongly unforgeable signature scheme

Identity-based signature (IBS) is a specific type of public-key signature (PKS) where any identity string ID can be used for the public key of a user. Although an IBS scheme can be constructed from any PKS scheme by using the certificate paradigm, it is still important to construct an efficient IBS scheme with short signature under the standard assumption without relying on random oracles. Recently, Kwon proposed an IBS scheme and claimed its strong unforgeability under the computational Diffie–Hellman (CDH) assumption. In this paper, we show that the security proof of Kwon is seriously flawed. To show the flaws, we first show that there exists a distinguisher that can distinguish the distribution of simulated signatures from that of real signatures. Next, we also show that the simulator of Kwon’s security argument cannot extract the solution of the CDH problem even if there exists an adversary that forges the signature. Therefore, the security of the Kwon’s IBS scheme is not related to the hardness of the CDH assumption.