Comments on 'verifiable outsourced attribute-based signature scheme'

摘要

Ren and Jiang recently published a verifiable outsourced attribute-based signature scheme in Multimedia Tools and Applications. In this note, we first provide two attacks on the verifiability of the semi-signatures of this scheme by showing that a malicious signing-cloud service provider (S-CSP) can always cheat the signer unlike the authors' claim. Moreover, one of these attacks also implies that an untrusted S-CSP can always forge signatures contrary to the claimed unforgeability against chosen message attacks. Therefore, this scheme unfortunately does not satisfy the main security properties for a delegated signature scheme.