Cryptanalysis of improvement of digital signature with message recovery using self-certified public keys and its variants
In 2003, Tseng et al. proposed a self-certified public key signature with message recovery, which gives two advantages: one is that the signer??s public key can simultaneously be authenticated in verifying the signature and the other one is that only the specified verifier can recover the message. Lately, Xie and YU proposed an attack to the Tseng et al.??s scheme under the cases: the specified verifier substitutes his secret key or two or more specified verifiers cooperatively forge the signer??s signature. About the same time, Shao also proposed another insider forgery attack to break the Tseng et al.??s scheme. In addition, he claimed the Tseng et al.??s scheme without the properties of non-repudiation and forward security. Therefore, he proposed an improved scheme to overcome the weakness. In this paper, we will show that the Shao??s improved scheme is still insecure against the insider forgery attack. A specified verifier can forge many different valid signatures with the same message to the other verifiers who cooperatively provide their secret keys. Furthermore, we give a small modification to overcome this weakness.
Comment on cryptanalysis of Tseng et al.??s authenticated encryption schemes
Recently, Xie and Yu proposed a forgery attack on the Tseng et al??s authenticated encryption schemes and showed that their schemes are not secure in two cases: the specified verifier substitutes his secret key, or the signer generates the signature with these schemes for two or more specified verifiers. In addition, Xie and Yu made a small modification for the Tseng et al??s schemes and claimed that the modified schemes can satisfy the security requirement. However, we show that the modified schemes are still insecure.
- Jinn-Ke Jan (2)