Hindawi Publishing Corporation
International Journal of Distributed Sensor Networks
Volume 2013, Article ID 102508, 6 pages
http://dx.doi.org/10.1155/2013/102508

Research Article

On the Security of Certificateless Signature Schemes

Gaurav Sharma, Suman Bala, and Anil K. Verma

Computer Science and Engineering Department, Thapar University, Patiala 147004, India

Correspondence should be addressed to Gaurav Sharma; gaurav.sharma@thapar.edu

Received 21 December 2012; Revised 19 May 2013; Accepted 20 May 2013

Academic Editor: J. Barbancho

Copyright © 2013 Gaurav Sharma et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Wireless Sensor Network (WSN) has proved its presence in various real-time applications and hence the security of such embedded devices is a vital issue. Certificateless cryptography is one of the recent paradigms to provide security. Certificateless public key cryptography (CL-PKC) deals effectively with the twin issues of certificate management in traditional public key cryptography and the key escrow problem in identity-based cryptography. CL-PKC has attracted special attention in the field of information security as it has opened new avenues for improvement in the present security architecture. Recently, Tsai et al. proposed an improved certificateless signature scheme without pairing and claimed that their new construction is secure against different kinds of attacks. In this paper, we present a security analysis of their scheme, and our results show that the scheme does not resist the malicious-KGC attack. In addition, we have found some security flaws in the certificateless signature scheme of Fan et al. and proved the scheme vulnerable to the Strong Type I attack.

1. Introduction

The validation of public keys by a trusted third party, also known as the Certificate Authority (CA), makes traditional Public Key Infrastructure (PKI) uneconomical. The user selects a public key and then the CA provides a digital certificate to associate the public key with the user's identity. The management of these certificates is a complex issue and increases the computation and storage cost manifold. To resolve the issues of PKC, a revolutionary ID-based infrastructure was introduced by Shamir [1] in 1984. This seminal concept of Identity Based Cryptography (IBC) allows the user to choose a public key of its own choice such as email ID, phone number, and name. In IBC, users do not generate their own private keys as in traditional PKC. Private keys are generated by the Key Generation Centre (KGC), which maintains the private keys of all the users, but there is always a possibility of the misuse of these private keys, as they can be used to decrypt any ciphertext and to forge a user's signature on any message. Eventually, this new paradigm solved the problem of certificate management but gave birth to the inherent problem of key escrow. In 2003, Al-Riyami and Paterson [2] proposed a novel approach to eliminate the inherent key escrow problem of IBC as well as the use of certificates in traditional PKC. This approach is known as CL-PKC, where the KGC generates a partial-private key for the user, while the user's secret key and partial-private key are used to generate the public key of the user. In other words, CL-PKC differs from IBC in terms of arbitrary public key, and when a signature is transmitted, the user's public key is attached to it but is not certified by any trusted authority. Moreover, the KGC is not aware of the secret key of the user. However, Al-Riyami and Paterson's [2] scheme was proved insecure against a Type I adversary by Huang et al. [3], who proposed an improved scheme.
A generic construction based on identity-based signatures was proposed by Yum and Lee [4] in 2004. Later, Hu et al. [5] found it insecure against the key replacement attack and proposed an improved version. Meanwhile, Libert and Quisquater [6] proposed another generic construction without precomputations, which is based on Al-Riyami and Paterson's work. In 2005, Gorantla and Saxena [7] proposed an efficient CLS scheme, but it was found to be insecure against the key replacement attack by Cao et al. [8]. Li et al. [9] and Zhang et al. [10] proposed CLS schemes based on elliptic curves, but the verification algorithms in their schemes require four pairing computations. To improve the performance, Yap et al. [11] proposed an efficient CLS scheme which required only two bilinear pairings. However, Park and Kang [12] found that