Forgery attacks of an identity‐based multi‐proxy signature scheme

Multi‐proxy signature is used to delegate a permission of an owner to at least two proxies in the digital world. Recently, Sahu and Padhye gave a new construction of identity‐based multi‐proxy signature. Their scheme's security was supported by a reduction proof against a hard mathematical problem. Even supported by such security proofs, we present some forgery attacks against Sahu and Padhye's scheme. We demonstrate that any dishonest insider or any malicious outsider can break the security of Sahu and Padhye's scheme by forging either a permission or a multi‐proxy signature. In fact, our forgery attacks exploit the security weakness in their underlying identity‐based signature scheme, which is the fundamental constructing component of their proposed scheme. Copyright © 2014 John Wiley & Sons, Ltd.