International Association for Cryptologic Research

CryptoDB

Cryptanalysis of Threshold-Multisignature Schemes

Authors:
Lifeng Guo
Download:
URL: http://eprint.iacr.org/2004/269
Abstract: In [1], Li et al. proposed a new type of signature scheme, called the $(t,n)$ threshold-multisignature scheme. The first one needs a mutually trusted share distribution center (SDC) while the second one does not. In this paper, we present a security analysis of their second scheme. We point out that their second threshold-multisignature scheme is vulnerable to universal forgery by an insider attacker under reasonable assumptions. In our attack, $(n-t+1)$ colluding members can control the group secret key. Therefore, they can generate a valid threshold-multisignature for any message without the help of other members. Furthermore, honest members cannot detect this security flaw in the system, since any $t$ members can generate threshold-multisignatures according to the prescribed protocols.
BibTeX
@misc{eprint-2004-12236,
  title={Cryptanalysis of Threshold-Multisignature Schemes},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / threshold-multisignature; secret sharing},
  url={http://eprint.iacr.org/2004/269},
  note={ lfguo@mail.cstnet.cn 12708 received 16 Oct 2004},
  author={Lifeng Guo},
  year=2004
}