Security Analysis and Improvement of Pairing-Based Threshold Proxy Signature Scheme

In a (t, n) threshold proxy signature scheme, which is a variant of the proxy signature scheme, the proxy signature key is shared among a group of n proxy signers delegated by the original signer. Any t or more proxy signers can cooperatively sign messages on behalf of the original signer. Recently, Qian et. al. proposed a pairing-based threshold proxy signature scheme. However, we show that their scheme suffers from the forgery attack. That is, an adversary can forge a valid threshold proxy signature on any messages. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or message verifiers, which might violate the original signer´s intent. In this paper, we propose an improved scheme that overcomes the above weaknesses.