Certificateless signature scheme with security enhanced in the standard model

• Yu et al.'s scheme suffers from key replacement and malicious-but-passive KGC attacks.
• Figure out what is wrong with this scheme.
• An improvement on Yu et al.'s scheme is proposed to remedy these security flaws.
• The proposed scheme is proven secure in the standard model.
• The proposed scheme achieves lower computational cost and shorter system parameters.

Certificateless cryptography is an attractive paradigm, which combines the advantages of identity-based cryptography (without certificate) and traditional public key cryptography (no escrow). Recently, to solve the drawbacks of the existing certificateless signature (CL-S) schemes without random oracles, Yu et al. proposed a new CL-S scheme, which possesses several merits including shorter system parameters and higher computational efficiency than the previous schemes. However, in this work, we will point out that their CL-S scheme is insecure against key replacement attack and malicious-but-passive KGC attack. We further propose an improved scheme that overcomes the security flaws without affecting the merits of the original scheme. We prove that our scheme is existentially unforgeable against adaptive chosen message attacks under the computational Diffie–Hellman assumption in the standard model.