Recently, Xiong et al. proposed an efficient certificateless aggregate signature (CLAS) scheme for mobile computation. They demonstrated that their scheme is provably secure in the random oracle model. Unfortunately, by giving a concrete attack, in this paper, we point out that Xiong et al.’s scheme is not secure at all and an adversary without the partial private key and the secret value could forge a legal message. Hence, Xiong et al.’s scheme is not feasible for practical applications.
Khurram Khan, Muhammad and He, Debiao
"Cryptanalysis of a certificateless aggregate signature scheme for mobile computation,"
Applied Mathematics & Information Sciences: Vol. 07:
4, Article 16.
Available at: https://digitalcommons.aaru.edu.jo/amis/vol07/iss4/16