International Association
for Cryptologic Research

In the conventional signature scheme, the sender will sign the message and send it to the receiver, who is verify based on the certificate of the sender (provided by trusted third party prior to communication). However, this lead to a certificate management problem as third party need to maintain all certificates and if there are many third parties (hierarchical). The solution to this problem lead to a certificateless signature scheme in which receiver only requires ID (unique identity) of the sender. The approaches in literatures are based on the bilinear map. However, the time for pairing is more as that of the exponent operation of the RSA (Public Key Cryptography) scheme. Recently, Zhang et al, proposed the RSA-based certificateless scheme. We show that this scheme is insecure and proposed the scheme that overcomes the attack on Zhang et al\'s scheme.