Attack on Han et al.'s ID-based confirmer (undeniable) signature at ACM-EC'03
نویسندگان
چکیده
At the fourth ACM conference on electronic commerce (EC’03), S. Han, K.Y. Yeung and J. Wang proposed an ID-based confirmer signature scheme using pairings (actually, this is an ID-based undeniable signature scheme). However, in this paper, we will show that this signature scheme is not secure. The signer can deny any signature, even this signature is his valid signature and any one can forge a valid confirmer signature of a signer with identity ID on an arbitrary message and confirm this signature to the verifier.
منابع مشابه
A Secure Modified ID-Based Undeniable Signature Scheme
Han et al. proposed the first identity-based undeniable signature scheme at the fourth ACM conference on electronic commerce. Zhang et al. showed two attacks (the denial attack and the forge attack) against the scheme. In this paper, we modify the scheme to make it secure against these attacks. We also show how to modify our scheme to make it be an ID-based convertible undeniable signature scheme.
متن کاملProxy Confirmation Signatures
The undeniable signature, introduced by Chaum et al. in 1989, provides a nice property that the signer has an additional control over who will benefit from being convinced by the signature. However, a conspicuous drawback of undeniable signature is that the signer may be unavailable or refuse to cooperate. Chaum in 1994 proposed a designated confirmer signature scheme to protect the recipient’s...
متن کاملAn Attack on Libert et al.' s ID-based Undeniable Signature Scheme
In 2004, Libert and Quisquater proposed an identity based undeniable signature scheme using pairings over elliptic curves. In this article, we show that the scheme is not secure. In particular, if a valid message-signature pair has been revealed, an adversary can forge the signer’s signature for any arbitrary message for which the signer has no way to deny it. More importantly, through this exa...
متن کاملChaum's Designated Confirmer Signature Revisited
This article revisits the original designated confirmer signature scheme of Chaum. Following the same spirit we naturally extend the Chaum’s construction in a more general setting and analyze its security in a formal way. We prove its security in the random oracle model by using a random hash function and a random permutation. We notably consider the confirmer as an attacker against the existen...
متن کاملGeneric Constructions for Secure and Efficient Confirmer Signature Schemes
In contrast to ordinary digital signatures, the verification of undeniable signatures and of confirmer signatures requires the cooperation of the signer or of a designated confirmer, respectively. Various schemes have been proposed so far, from practical solutions based on specific number-theoretic assumptions to theoretical constructions using basic cryptographic primitives. To motivate the ne...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Applied Mathematics and Computation
دوره 170 شماره
صفحات -
تاریخ انتشار 2003