To achieve source authentication, message integrity, and non-repudiation, a number of authen-tication protocols adopt several types of digital signatures: public-key signatures, identity-based signatures,
and certi cateless signatures. In this paper, we show that an anonymous remote authentication scheme for wireless body area network, an anonymous handover authentication scheme, an authentication scheme for
emergency mobile cyber-physical system, and an authenticated key agreement protocol based on the three types of signatures schemes are insecure against various impersonation attacks due to insecurity of the
underlying signature schemes. These results showthat using cryptographic primitives without security proofs causes serious security vulnerabilities on the security protocol itself. Our results give strong evidences that
the security of adopted cryptographic primitives should be proved in appropriate formal security models as well as proof of the security protocol itself.
