A novel multisignature scheme for a special verifier group against clerk and rogue-key attacks

The digital signature is a very important subject for network security. Considering multiple signers and multiple verifiers, Xie and Yu (2004) pointed out that the multisignature scheme of Laih and Yen (1996) is vulnerable to a harmful attack. An attack can occur when a specified group of verifiers cooperate to forge a multisignature by secret key substitution following the leak of a secret key or by group public key adjustment during the process of renewing membership. Xie and Yu proposed an improvement of Laih and Yen’s multisignature scheme. In this paper, we show that Xie and Yu’s scheme is vulnerable to clerk and rogue-key attacks. We propose an improved multisignature scheme to resist such attacks. In the proposed scheme, multiple signers can generate a multisignature for the message with the signers’ secret keys, and the specified group of verifiers can cooperate to verify the validity of the multisignature with the signers’ public keys and the verifiers’ secret key. The proposed scheme for a special verifier group not only has the advantages of Xie and Yu’s scheme, but also is secure against clerk and rogue-key attacks.

[1] Wei-Hua He, et al. Weaknesses in some multisignature schemes for specified group of verifiers, 2002, Inf. Process. Lett.

[2] Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms, 1984, IEEE Trans. Inf. Theory.

[3] Alexandra Boldyreva, et al. Efficient threshold signature, multisignature and blind signature schemes based on the Gap-Diffie-Hellman-Group signature scheme, 2002.

[4] Han-Yu Lin, et al. Self-certified multi-proxy signature schemes with message recovery, 2009.

[5] Tzong-Chen Wu, et al. Group-oriented signature scheme with distinguished signing authorities, 2004, Future Gener. Comput. Syst.

[6] Qi Xie, et al. Improvement of Laih and Yen's multisignature scheme, 2004, Journal of Zhejiang University. Science.

[7] Victor S. Miller, et al. Use of Elliptic Curves in Cryptography, 1985, CRYPTO.

[8] Taher ElGamal, et al. A public key cryptosystem and signature scheme based on discrete logarithms, 1985.

[9] Thomas Ristenpart, et al. The Power of Proofs-of-Possession: Securing Multiparty Signatures against Rogue-Key Attacks, 2007, EUROCRYPT.

[10] K. Itakura, et al. A public-key cryptosystem suitable for digital multisignatures, 1983.

[11] Eiji Okamoto, et al. Proxy signatures for delegating signing operation, 1996, CCS '96.

[12] Min-Shiang Hwang, et al. A nonrepudiable threshold multi-proxy multi-signature scheme with shared verification, 2004, Future Gener. Comput. Syst.

[13] Adi Shamir, et al. A method for obtaining digital signatures and public-key cryptosystems, 1978, CACM.

[14] Chin-Chen Chang, et al. An encryption/multisignature scheme with specified receiving groups, 1998.

[15] E. Mohammed, et al. Elliptic curve cryptosystems on smart cards, 2002, Proceedings IEEE 35th Annual 2001 International Carnahan Conference on Security Technology (Cat. No.01CH37186).

[16] Qiaoyan Wen, et al. Efficient and provably-secure certificateless short signature scheme from bilinear pairings, 2009, Comput. Stand. Interfaces.

[17] Jonathan Katz, et al. Ring Signatures: Stronger Definitions, and Constructions without Random Oracles, 2005, IACR Cryptol. ePrint Arch.

[18] Rongbo Lu, et al. Security analysis and improvement of new threshold multi-Proxy multi-Signature scheme, 2008.

[19] Kyung-Ah Shim. Rogue-key attacks on the multi-designated verifiers signature scheme, 2008, Inf. Process. Lett.

[20] Adi Shamir, et al. A method for obtaining digital signatures and public-key cryptosystems, 1978, CACM.

[21] Sung-Ming Yen, et al. Multi-Signature for Specified Group of Verifiers, 1996, J. Inf. Sci. Eng.

[22] T. Elgamal. A public key cryptosystem and a signature scheme based on discrete logarithms, 1984, CRYPTO 1984.

[23] Rafail Ostrovsky, et al. Sequential Aggregate Signatures and Multisignatures Without Random Oracles, 2006, EUROCRYPT.

[24] Haifeng Qian, et al. A CDH-Based Multi-Signature Scheme with Tight Security Reduction, 2008, 2008 The 9th International Conference for Young Computer Scientists.

[25] Tzong-Chen Wu, et al. Multi-proxy Signature Schemes for Partial Delegation with Cheater Identification, 2002.

[26] Baoyuan Kang, et al. A novel nonrepudiable threshold multi-proxy multi-signature scheme with shared verification, 2009, Comput. Electr. Eng.

[27] Kuo-Yu Tsai, et al. Cryptanalysis and improvement of nonrepudiable threshold multi-proxy multi-signature scheme with shared verification, 2007, Inf. Sci.

[28] Leonhard Euler. Public-Key Cryptosystem, 2011, Encyclopedia of Cryptography and Security.

[29] Jonathan Katz, et al. Ring Signatures: Stronger Definitions, and Constructions without Random Oracles, 2006, Journal of Cryptology.

[30] Zhenfu Cao, et al. Improvement on Tzeng et al.'s nonrepudiable threshold multi-proxy multi-signature scheme with shared verification, 2005, Appl. Math. Comput.