Security analysis of forward secure certificateless proxy signature scheme
一个前向安全无证书代理签名方案的安全性分析*

A forward secure certificateless proxy signature scheme was analyzed, and it was pointed out that the scheme is neither unforgeable nor forward secure. It was showed that the scheme is insecure under the public key replacement attack. The adversary can forge a proxy signature for any message of any proxy signer by substituting the public keys of the original signer and the proxy signer. The attack method is given in detail. The reason without the forward secure property is that the updating algorithm of proxy private keys of the scheme does not use time periods and the proxy signatures do not explicitly include period identities. So the scheme is not a forward secure signature scheme.