A novel multisignature scheme for a special verifier group against clerk and rogue-key attacks  

作　　者：Jia-lun TSAI Tzong-chen WU Kuo-yu TSAI 

机构地区：[1]Department of Information Management,National Taiwan University of Science and Technology [2]Taiwan Information Security Center,National Taiwan University of Science and Technology

出　　处：《Journal of Zhejiang University-Science C(Computers and Electronics)》2010年第4期290-295,共6页浙江大学学报C辑（计算机与电子（英文版）

基　　金：supported in part by the National Science Council (Nos.NSC 97-2745-P-001-001-,NSC 98-2219-E-011-001-,NSC 98-2221-E-011-073-MY3,and NSC 98-2218-E-011-018-)

摘　　要：The digital signature is a very important subject for network security.Considering multiple signers and multiple verifiers,Xie and Yu(2004) pointed out that the multisignature scheme of Laih and Yen(1996) is vulnerable to a harmful attack.An attack can occur when a specified group of verifiers cooperate to forge a multisignature by secret key substitution following the leak of a secret key or by group public key adjustment during the process of renewing membership.Xie and Yu proposed an improvement of Laih and Yen's multisignature scheme.In this paper,we show that Xie and Yu's scheme is vulnerable to clerk and rogue-key attacks.We propose an improved multisignature scheme to resist such attacks.In the proposed scheme,multiple signers can generate a multisignature for the message with the signers' secret keys,and the specified group of verifiers can cooperate to verify the validity of the multisignature with the signers' public keys and the verifiers' secret key.The proposed scheme for a special verifier group not only has the advantages of Xie and Yu's scheme,but also is secure against clerk and rogue-key attacks.The digital signature is a very important subject for network security. Considering multiple signers and multiple verifiers, Xie and Yu （2004） pointed out that the multisignature scheme of Laih and Yen （1996） is vulnerable to a harmful attack. An attack can occur when a specified group of verifiers cooperate to forge a multisignature by secret key substitution following the leak of a secret key or by group public key adjustment during the process of renewing membership. Xie and Yu proposed an improvement of Laih and Yen＇s multisignature scheme. In this paper, we show that Xie and Yu＇s scheme is vulnerable to clerk and rogue-key attacks. We propose an improved multisignature scheme to resist such attacks. In the proposed scheme, multiple signers can generate a multisignature for the message with the signers＇ secret keys, and the specified group of verifiers can cooperate to verify the validity of the multisignature with the signers＇ public keys and the verifiers＇ secret key. The proposed scheme for a special verifier group not only has the advantages of Xie and Yu＇s scheme, but also is secure against clerk and rogue-key attacks.

关 键 词：MULTISIGNATURE Clerk attack Rogue-key attack Cryptosystem 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]