Secure server-aided attribute-based signature with perfect anonymity for cloud-assisted systems

Attribute-based signature (ABS) is an attractive cryptographic primitive, but it is unsuitable for resource-constrained scenarios because of its high computational cost. Server-Aided Attribute-Based Signature (SAABS) was introduced to overcome this shortcoming by using cloud computing technology. In this paper, we perform cryptanalysis on Xiong et al. (2020) and Cui et al. (2018). We show that Xiong et al.’s scheme is incorrect and forgeable. Neither of these two schemes achieves anonymity. In both schemes, an adversary can collude with the server to replace the attribute set and make the verifier accept an invalid signature. Our attacks imply that the previous definitions of unforgeability and anonymity are not conforming to the actual cloud-assisted scenarios. Then, we present more accurate security models for SAABS. We define a stronger definition for unforgeability, a stronger notion called perfect anonymity, and a new notion called server-aided verification security. Finally, we propose a new idea to prevent the server from attacking anonymity and an improved scheme to fix our attacks. Our scheme achieves all the security properties, supports expressive access structure, reduces the computational overhead to a low level, and is especially suitable for cloud-assisted systems.