Paper 2004/273

Cryptanalysis of Threshold-Multisignature schemes

Lifeng Guo

Abstract

In [1], Li et al. proposed a new type of signature scheme, called the $(t,n)$ threshold-multisignature scheme. The first of their schemes needs a mutually trusted share distribution center (SDC), while the second does not. In this paper, we present a security analysis of their second scheme. We point out that their second threshold-multisignature scheme is vulnerable to universal forgery by an insider attacker under reasonable assumptions. In our attack, $(n-t+1)$ colluding members can control the group secret key. Therefore, they can generate a valid threshold-multisignature for any message without the help of other members. Furthermore, honest members cannot detect this security flaw in the system, since any $t$ members can generate threshold-multisignatures according to the prescribed protocols.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
threshold-multisignature, secret sharing
Contact author(s)
lfguo @ amss ac cn
History
2004-10-21: received
Short URL
https://ia.cr/2004/273
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2004/273,
      author = {Lifeng Guo},
      title = {Cryptanalysis of Threshold-Multisignature schemes},
      howpublished = {Cryptology {ePrint} Archive, Paper 2004/273},
      year = {2004},
      url = {https://eprint.iacr.org/2004/273}
}