Cryptanalysis and improvement of a certificateless threshold signature secure in the standard model

In this paper, we focus on security analysis of certificateless signature (CLS) schemes and certificateless threshold signature (CLTHS) schemes. We first propose four common attack methods for analyzing security of CLS schemes and CLTHS schemes. Then we give seven existing schemes as examples for demonstrating how to use our common attack methods, and prove that these schemes are vulnerable against public key replacement attacks or malicious-but-passive key generation center (KGC) attacks. By comprehensively using the proposed attack ideas, we also present three attacks against a CLTHS scheme proposed by Xiong et al. (2010) [28]: two public key replacement attacks and a malicious-but-passive KGC attack. Furthermore, we point out the flaws in the security proofs of these insecure CLS or CLTHS schemes. Finally, to resist these attacks, we propose an improved CLTHS scheme.