Cryptanalysis and improvement of a certificateless partially blind signature

Partially blind signature is an important technique in secure electronic cash (e-cash) system. The first concrete certificateless partially blind signature (CLPBS) scheme for e-cash was constructed in 2011. Recently it was found that this construction had a security weakness and a rescued scheme was given. Unfortunately, the formal security proof was not given. In this study, the authors first give cryptanalysis of their rescued scheme. They demonstrate that a malicious user in their rescued scheme can forge a signature on any message by replacing the signer´s public key. In an e-cash system, blind signatures issued by the bank are viewed as e-cash. Once they apply their scheme to an untraceable e-cash system, a malicious user can forge valid electronic coins (i.e. valid signatures) without being detected by the bank. It will result in loss of the bank. Then, they propose a newly improved CLPBS scheme which achieves the strongest security level and has higher computational efficiency than the rescued scheme published earlier. Finally, they give an example of potential application to e-cash systems using their scheme.