To solve security and privacy issues in wireless body area networks, several types of digital signature schemes have been adapted to a number of authentication protocols. Recently in IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (TIFS) (DOI: 10.1109/TIFS.2015.2414399), Xiong and Qin proposed a revocable certificateless encryption (R-CLE) scheme against decryption key exposure, and a revocable certificateless signature (R-CLS) scheme against signing key exposure. Then they proposed a revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks based on the combination of R-CLE scheme and R-CLS scheme. However, we show that their RCLS scheme is insecure against type I adversaries: a type I adversary who knows only a user's secret value can forge signatures on any messages in the same time period. Hence, their authentication protocol fails to meet the claimed security requirements.

中文翻译：

---

对__可撤销且可扩展的无线体域网匿名无证书远程身份验证协议_的评论


为了解决无线体域网中的安全和隐私问题，多种类型的数字签名方案已适应多种认证协议。最近，在IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (TIFS) (DOI: 10.1109/TIFS.2015.2414399)中，Xiong和Qin提出了一种防止解密密钥暴露的可撤销无证书加密(R-CLE)方案，以及可撤销无证书签名(R-CLS) ）针对签名密钥暴露的方案。然后，他们基于R-CLE方案和R-CLS方案的结合，提出了一种可撤销、可扩展、可匿名的无线体域网无证书远程认证协议。然而，我们表明他们的 RCLS 方案对于 I 类对手来说是不安全的：只知道用户秘密值的 I 类对手可以在同一时间段内伪造任何消息的签名。因此，他们的身份验证协议无法满足声称的安全要求。