Cryptanalysis of Threshold-Multisignature schemes
نویسنده
چکیده
In [1], Li et al. proposed a new type of signature scheme, called the (t, n) thresholdmutisignature scheme. The first one needs a mutually trusted share distribution center (SDC) while the second one does not. In this paper, we present a security analysis on their second schemes. We point out that their second threshold-multisignature scheme is vulnerable to universal forgery by an insider attacker under reasonable assumptions. In our attack, (n − t + 1) colluding members can control the group secret key. Therefore, they can generate valid threshold-multisignautre for any message without the help of other members. Furthermore, honest members cannot detect this security flaw in the system, since any t members can generate threshold-multisignatures according to the prescribed protocols. keywords: threshold-multisignature; secret sharing
منابع مشابه
Cryptanalysis of digital multisignature schemes for authenticating delegates in mobile code systems
In this paper, we motivate the need for efficient multisignature schemes in delegated mobile services. With the schemes, delegates can be identified and delegated accesses can be controlled. First, we give a new digital signature scheme with message recovery. Based on the digital signature scheme, two digital multisignature schemes are proposed: the parallel multisignature scheme and the serial...
متن کاملParallel Reliable Threshold Multisignature
A multisignature scheme is developed here by combining the RSA signature scheme with Shamir's threshold scheme. This multisignature scheme has many advantages: the size of the public key directory is reduced since the group has only one commonpublic key, not each individual in the group has a key; to guarantee reliability any subset of k individuals in the group can sign, yet less than k cannot...
متن کاملEfficient threshold signature, multisignature and blind signature schemes based on the Gap-Diffie-Hellman-group signature scheme
We propose a robust proactive threshold signature scheme, a multisignature scheme and a blind signature scheme which work in any Gap Diffie-Hellman (GDH) group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy). Our constructions are based on the recently proposed GDH signature scheme of Boneh et al. [BLS]. Due to the instrumental structur...
متن کاملSecure acknowledgment aggregation and multisignatures with limited robustness
In certain reliable group-oriented and multicast applications, a source needs to securely verify whether all (and if not all, which) intended receivers have received a message. However, secure verification of individual acknowledgments from all receivers can impose a significant computation and communication burden. Such cost can be significantly reduced if intermediate nodes along the distribu...
متن کاملID-Based Multi-Proxy Signature and Blind Multisignature from Bilinear Pairings
Multi-proxy signature allows the original signer delegate his singing power to a group of proxy signers. Blind proxy-signature allows the user to obtain a signature of a message from several signers in a way that each signer learns neither the message nor the resulting signature. Plenty of multi-proxy signature and blind multisignature schemes have been proposed under the certificate-based (CA-...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2004 شماره
صفحات -
تاریخ انتشار 2004