Open Access iconOpen Access



Cryptanalysis of an Online/Offline Certificateless Signature Scheme for Internet of Health Things

Saddam Hussain1, Syed Sajid Ullah2,*, Mohammad Shorfuzzaman3, Mueen Uddin4, Mohammed Kaosar5

1 Department of Information Technology, Hazara University, Mansehra, 21120, KPK, Pakistan
2 Department of Electrical and Computer Engineering, Villanova University, PA, USA
3 Department of Computer Science, College of Computers and Information Technology, Taif University, Taif, 21944, Saudi Arabia
4 Digital Science, Faculty of Science, Universiti Brunei Darussalam, Jln Tungku link, Gadong, BE1410, Brunei Darussalam
5 Discipline of Information Technology, Media and Communications, College of Arts, Business, Law and Social Sciences (ABLSS), Murdoch University, 90 South Street, Murdoch, WA6150, Australia

* Corresponding Author: Syed Sajid Ullah. Email: email

(This article belongs to this Special Issue: Recent Trends in Computational Methods for Differential Equations)

Intelligent Automation & Soft Computing 2021, 30(3), 983-993.


Recently, Khan et al. [An online-offline certificateless signature scheme for internet of health things,” Journal of Healthcare Engineering, vol. 2020] presented a new certificateless offline/online signature scheme for Internet of Health Things (IoHT) to fulfill the authenticity requirements of the resource-constrained environment of (IoHT) devices. The authors claimed that the newly proposed scheme is formally secured against Type-I adversary under the Random Oracle Model (ROM). Unfortunately, their scheme is insecure against adaptive chosen message attacks. It is demonstrated that an adversary can forge a valid signature on a message by replacing the public key. Furthermore, we performed a comparative analysis of the selective parameters including computation time, communication overhead, security, and formal proof by employing Evaluation based on Distance from Average Solution (EDAS). The analysis shows that the designed scheme of Khan et al. doesn’t have any sort of advantage over the previous schemes. Though, the authors utilized a lightweight hyperelliptic curve cryptosystem with a smaller key size of 80-bits. Finally, we give some suggestions on the construction of a concrete security scheme under ROM.


Cite This Article

S. Hussain, S. Sajid Ullah, M. Shorfuzzaman, M. Uddin and M. Kaosar, "Cryptanalysis of an online/offline certificateless signature scheme for internet of health things," Intelligent Automation & Soft Computing, vol. 30, no.3, pp. 983–993, 2021.

cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1643


  • 915


  • 0


Share Link