Improved for certificate-based signature scheme

A forgery attack on Yang bo et al.'s certificate-based signature scheme was presented. It is found that the honest-but-curious certificate authority could forge a valid signature in any message on behalf of any user by choosing random parameters without knowing the secret value of the user. Analysis describes that the reason of insecurity of the original scheme is that the commitment value R computed in the stage of certificate generation is not used as an input of the hash function in the stage of signature generation. An improved scheme was proposed by adding R to the hash function. The improved scheme is as efficient as the original scheme. It is provably secure under the intractability of discrete logarithm problem.