Cryptology ePrint Archive: Report 2007/225

On the Forgeability of Wang-Tang-Li's ID-Based Restrictive Partially Blind Signature

Shengli Liu and Xiaofeng Chen and Fangguo Zhang

Abstract: Restrictive partially blind signature (RPBS) plays an important role in designing secure electronic cash system. Very recently, Wang, Tang and Li proposed a new ID-based restrictive partially blind signature (ID-RPBS) and gave the security proof. In this paper, we present a cryptanalysis of the scheme and show that the signature scheme does not satisfy the property of {\bf unforgeability} as claimed. More precisely, a user can forge a valid message-signature pair $(ID, msg, {\bf info'}, \sigma')$ instead of the original one $(ID, msg, {\bf info}, \sigma)$, where {\bf info} is the original common agreed information and ${\bf info}'\neq {\bf info}$. Therefore, it will be much dangerous if Wang-Tang-Li's ID-RPBS scheme is applied to the off-line electronic cash system. For example, a bank is supposed to issue an electronic coin (or bill) of \$100 to a user, while the user can change the denomination of the coin (bill) to any value, say \$100, 000, 000, at his will.

Category / Keywords: public-key cryptography / Unforgeability, restrictive partially blind signature, ID-based cryptography, electronic cash.

Date: received 11 Jun 2007

Contact author: liu-sl at cs sjtu edu cn

Available format(s): PDF | BibTeX Citation

Note: This paper shows how to make a forgery of Wang restrictive partially blind signature.

Version: 20070619:194107 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]