Malleability and Ownership of Proxy Signatures: Towards a Stronger Definiton and Its Limitations

Abstract

Proxy signature is a cryptographic primitive that allows an entity to delegate singing rights to another entity. Noticing the ad-hoc nature of security analysis prevalent in the existing literature, Boldyreva, Palacio and Warinschi proposed a formal security model for proxy signature. We revisit their proposed security definition in the context of the most natural construction of proxy signature - delegation-by-certificate. Our analysis indicates certain limitations of their definition that arise due to malleability of proxy signature as well as signature ownership in the context of standard signature. We propose a stronger definition of proxy signature to address these issues. However, we observe that the natural reductionist security argument of the delegation-by certificate proxy signature construction under this definition seems to require a rather unnatural security property for a standard signature.