Paper 2004/273

Cryptanalysis of Threshold-Multisignature schemes

Lifeng Guo

Abstract

In [1], Li et al. proposed a new type of signature scheme, called the (t,n) threshold-multisignature scheme, and gave two constructions. The first one needs a mutually trusted share distribution center (SDC) while the second one does not. In this paper, we present a security analysis of their second scheme. We point out that their second threshold-multisignature scheme is vulnerable to universal forgery by an insider attacker under reasonable assumptions. In our attack, colluding members can control the group secret key. Therefore, they can generate a valid threshold-multisignature for any message without the help of other members. Furthermore, honest members cannot detect this security flaw in the system, since any members can generate threshold-multisignatures according to the prescribed protocols.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
threshold-multisignature, secret sharing
Contact author(s)
lfguo @ amss ac cn
History
2004-10-21: received
Short URL
https://ia.cr/2004/273
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2004/273,
      author = {Lifeng Guo},
      title = {Cryptanalysis of Threshold-Multisignature schemes},
      howpublished = {Cryptology {ePrint} Archive, Paper 2004/273},
      year = {2004},
      url = {https://eprint.iacr.org/2004/273}
}