Similar articles

Abstract: The digital signature is a very important subject for network security. Considering multiple signers and multiple verifiers, Xie and Yu (2004) pointed out that the multisignature scheme of Laih and Yen (1996) is vulnerable to a harmful attack. An attack can occur when a specified group of verifiers cooperate to forge a multisignature by secret key substitution following the leak of a secret key or by group public key adjustment during the process of renewing membership. Xie and Yu proposed an improvement of Laih and Yen’s multisignature scheme. In this paper, we show that Xie and Yu’s scheme is vulnerable to clerk and rogue-key attacks. We propose an improved multisignature scheme to resist such attacks. In the proposed scheme, multiple signers can generate a multisignature for the message with the signers’ secret keys, and the specified group of verifiers can cooperate to verify the validity of the multisignature with the signers’ public keys and the verifiers’ secret key. The proposed scheme for a special verifier group not only has the advantages of Xie and Yu’s scheme, but also is secure against clerk and rogue-key attacks.

[1]Adam, B., Jonathan, K., Ruggero, M., 2009. Ring signatures: stronger definitions, and constructions without random oracles. J. Cryptol., 22(1):114-138.

[2]Bao, H.Y., Cao, Z.F., Wang, S.B., 2005. Improvement on Tzeng et al.’s nonrepudiable threshold multi-proxy multi-signature scheme with shared verification. Appl. Math. Comput., 169(2):1419-1430.

[3]Boldyreva, A., 2003. Threshold Signatures, Multisignatures and Blind Signatures Based on the Gap-Diffie-Hellman-Group Signature Scheme. Public Key Cryptography, p.31-46.

[4]Du, H., Wen, Q., 2009. Efficient and provably-secure certificateless short signature scheme from bilinear pairings. Comput. Stand. Interfaces, 31(2):390-394.

[5]Elgamal, T., 1985. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inform. Theory, 31(4):469-472.

[6]He, W.H., 2002. Weakness in some multisignature for specified group of verifiers. Inform. Process. Lett., 83(2):95-99.

[7]Hsu, C.L., Wu, T.S., Wu, T.C., 2004. Group-oriented signature scheme with distinguished signing authorities. Future Gener. Comput. Syst., 20(5):865-873.

[8]Hsu, C.L., Tsai, K.Y., Tsai, P.L., 2007. Cryptanalysis and improvement of nonrepudiable threshold multi-proxy multi-signature scheme with shared verification. Inform. Sci., 177(2):543-549.

[9]Hwang, S.J., Yeh, S.M., 1998. An encryption/multisignature scheme with specified receiving groups. Comput. Syst. Sci. Eng., 13(2):109-112.

[10]Itakura, K., Nakamura, K., 1983. A public-key cryptosystem suitable for digital multisignatures. NEC Res. Dev., 71:1-8.

[11]Kang, B., Boyd, C., Dawson, E., 2009. A novel nonrepudiable threshold multi-proxy multi-signature scheme with shared verification. Comput. Electr. Eng., 35(1):9-17.

[12]Koblitz, N., 1987. Elliptic curve cryptosystems. Math. Comput., 48(177):203-209.

[13]Laih, C.S., Yen, S.M., 1996. Multisignature for specified group of verifiers. J. Inform. Sci. Eng., 12(1):143-152.

[14]Lin, C.Y., Wu, T.C., Hwang, J.J., 2002. Multi-Proxy Signature Schemes for Partial Delegation with Cheater Identification. 2nd Int. Workshop for Asia Public Key Infrastructure, p.147-152.

[15]Lu, R., He, D., Wang, C., 2008. Security analysis and improvement of new threshold multi-proxy multi-signature scheme. J. Electron. (China), 25(3):372-377.

[16]Lu, S., Ostrovsky, R., Sahai, A., Shacham, H., Waters, B., 2006. Sequential aggregate signatures and multisignatures without random oracles. LNCS, 4004:465-485.

[17]Mambo, M., Usuda, K., Okamoto, E., 1996. Proxy Signature for Delegating Signing Operation. Proc. 3rd ACM Conf. on Computer and Communications Security, p.48-57.

[18]Miller, V., 1985. Use of Elliptic Curves in Cryptography. Advances in Cryptology, Springer-Verlag, Santa Barbara, California, USA, 218:417-426.

[19]Ristenpart, T., Yilek, S., 2007. The power of proofs-of-possession: security multiparty signature against rogue-key attacks. LNCS, 4515:228-245.

[20]Rivest, R.L., Shamir, A., Adelman, L., 1978. A method for obtaining digital signature and public key cryptosystem. Commun. ACM, 21(2):120-126.

[21]Shim, K.A., 2008. Rogue-key attacks on the multi-designated verifiers signature scheme. Inform. Process. Lett., 107(2):83-86.

[22]Tzeng, S.F., Yang, C.Y., Hwang, M.S., 2004. A nonrepudiable threshold multi-proxy multi-signature scheme with shared verification. Future Gener. Comput. Syst., 20(5):887-893.

[23]Xie, Q., Yu, X.Y., 2004. Improvement of Laih and Yen’s multisignature scheme. J. Zhejiang Univ.-Sci., 5(9):1155-1159.

[24]Wang, Z., Si, T., Qian, H., Li, Z., 2008. A CDH-Based Multi-Signature Scheme with Tight Security Reduction. 9th Int. Conf. for Yong Computer Scientists, p.2096-2101.

[25]Wu, T.S., Hsu, C.L., Lin, H.Y., 2009. Self-certified multi-proxy signature schemes with message recovery. J. Zhejiang Univ.-Sci. A, 10(2):290-300.