On the security of two signature schemes for secure communication in IoT environments

Recently, Thumbur et al. (IEEE Commun Lett 24(8): 1641-1645, 2020) proposed a pairing-free certificateless signature (PF-CLS) scheme for secure communication in resource-constrained devices. Zhan et al. (IEEE Internet of Things Journal, pp 1-1, 2020) proposed a pairing-free certificateless aggregate signature (PF-CLAS) in healthcare wireless medical sensor networks. The authors proved the security of their schemes under the hardness of mathematical problems in the random oracle model respectively. Unfortunately, we find that the above two recent schemes are insecure. By providing concrete attacks, in this work, we show that an attacker with replacing public key ability can easily impersonate other legitimate users to upload some false messages by forging the target users' valid signatures on these messages. As a result, the above two signature schemes PF-CLS and PF-CLAS cannot solve the IoT data authenticity and integrity issues pointed out by them. Moreover, we discuss the reasons for our attacks and provide relevant improvements.