CryptoDB
On the Forgeability of Wang-Tang-Li's ID-Based Restrictive Partially Blind Signature
| Authors: | |
|---|---|
| Download: | |
| Abstract: | Restrictive partially blind signature (RPBS) plays an important role in designing secure electronic cash system. Very recently, Wang, Tang and Li proposed a new ID-based restrictive partially blind signature (ID-RPBS) and gave the security proof. In this paper, we present a cryptanalysis of the scheme and show that the signature scheme does not satisfy the property of {\bf unforgeability} as claimed. More precisely, a user can forge a valid message-signature pair $(ID, msg, {\bf info'}, \sigma')$ instead of the original one $(ID, msg, {\bf info}, \sigma)$, where {\bf info} is the original common agreed information and ${\bf info}'\neq {\bf info}$. Therefore, it will be much dangerous if Wang-Tang-Li's ID-RPBS scheme is applied to the off-line electronic cash system. For example, a bank is supposed to issue an electronic coin (or bill) of \$100 to a user, while the user can change the denomination of the coin (bill) to any value, say \$100, 000, 000, at his will. |
BibTeX
@misc{eprint-2007-13506,
title={On the Forgeability of Wang-Tang-Li's ID-Based Restrictive Partially Blind Signature},
booktitle={IACR Eprint archive},
keywords={public-key cryptography / Unforgeability, restrictive partially blind signature, ID-based cryptography, electronic cash.},
url={http://eprint.iacr.org/2007/225},
note={ liu-sl@cs.sjtu.edu.cn 13675 received 11 Jun 2007},
author={Shengli Liu and Xiaofeng Chen and Fangguo Zhang},
year=2007
}