Recently, Zhu et al. analyzed a certificate-based proxy signature scheme proposed by Verma et al. and provided a revised scheme [9]. In this paper, we revisit Zhu et al.'s attack and show that the fundamental problem of the Verma et al.'s scheme is that it uses a weak ordinary signature scheme as a building block. In addition, based on the fact that the revised scheme shares many of the components which use the weak signature in the Verma et al.'s scheme, we show that the attack against the Verma et al.'s scheme can be similarly applied to the revised scheme.

中文翻译：

---

IIoT 环境中基于证书的代理签名方案的安全弱点

最近，朱等人。分析了 Verma 等人提出的基于证书的代理签名方案。并提供了修改后的方案[9]。在本文中，我们重新审视了 Zhu 等人的攻击，并表明 Verma 等人方案的根本问题在于它使用弱普通签名方案作为构建块。此外，基于修改后的方案共享许多使用 Verma 等人方案中弱签名的组件这一事实，我们证明了对 Verma 等人方案的攻击可以类似地应用于经修订的方案。