On the security of an enhanced short signature scheme
This work exposes a critical vulnerability in a cryptographic scheme, which is incremental as it addresses a specific flaw in an existing method.
The authors demonstrated that Su's identity-based short signature scheme, which was claimed to be secure in the random oracle model, is actually insecure, as an adversary can forge valid signatures for any message and identity.
Currently, short signature is receiving significant attention since it is particularly useful in low-bandwidth communication environments. However, most of the short signature schemes are only based on one intractable assumption. Recently, Su presented an identity-based short signature scheme based on knapsack and bilinear pairing. He claimed that the signature scheme is secure in the random oracle model. Unfortunately, in this paper, we show that his scheme is insecure. Concretely, an adversary can forge a valid signature on any message with respect to any identity in Su's scheme.