Paper 2004/273
Cryptanalysis of Threshold-Multisignature schemes
Lifeng Guo
Abstract
In [1], Li et al. proposed a new type of signature scheme, called the $(t,n)$ threshold-mutisignature scheme. The first one needs a mutually trusted share distribution center (SDC) while the second one does not. In this paper, we present a security analysis on their second schemes. We point out that their second threshold-multisignature scheme is vulnerable to universal forgery by an insider attacker under reasonable assumptions. In our attack, $(n-t+1)$ colluding members can control the group secret key. Therefore, they can generate valid threshold-multisignautre for any message without the help of other members. Furthermore, honest members cannot detect this security flaw in the system, since any $t$ members can generate threshold-multisignatures according to the prescribed protocols.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- threshold-multisignaturesecret sharing
- Contact author(s)
- lfguo @ amss ac cn
- History
- 2004-10-21: received
- Short URL
- https://ia.cr/2004/273
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2004/273, author = {Lifeng Guo}, title = {Cryptanalysis of Threshold-Multisignature schemes}, howpublished = {Cryptology {ePrint} Archive, Paper 2004/273}, year = {2004}, url = {https://eprint.iacr.org/2004/273} }