Digital signature schemes with fault tolerance make it possible to detect and correct errors during data computation and transmission. Zhang, in 1999, and Lee and Tsai, in 2003, each proposed an efficient fault-tolerant scheme based on the RSA cryptosystem. Both schemes can efficiently check the sender's identity and keep the transmitted document confidential. Furthermore, they can detect errors and correct them. However, these schemes share a common security weakness: different messages that have the same signature can easily be computed. Thus, a valid signature could be reused on another document. This severely violates the principles of digital signatures. In this paper, we show that this security flaw exists in the two previously proposed schemes and conclude that it may occur in other fault-tolerant public key cryptosystems that are similar to these schemes. Furthermore, we improve Zhang's and Lee and Tsai's schemes to eliminate the drawbacks.
[1] Adi Shamir, et al. A method for obtaining digital signatures and public-key cryptosystems, 1978, CACM.
[2] Zhenfu Cao, et al. A Directed Signature Scheme Based on RSA Assumption, 2006, Int. J. Netw. Secur.
[3] N.-Y. Lee, et al. Efficient fault-tolerant scheme based on the RSA system, 2003.
[4] Chang N. Zhang, et al. Integrated approach for fault tolerance and digital signature in RSA, 1999.
[5] T. Elgamal. A public key cryptosystem and a signature scheme based on discrete logarithms, 1984, CRYPTO 1984.