Short Paper
Attack on Digital Multi-Signature Scheme Based on Elliptic Curve Cryptosystem
Duo Liu1 
, Ping Luo1 and Yi-Qi Dai1
| (1) |
Department of Computer Science and Technology, Tsinghua University, Beijing, 100084, China |
Received: 5 August 2005 Revised: 28 November 2006 Published online: 14 February 2007
Abstract The concept of multisignature, in which multiple signers can cooperate to sign the same message and any verifier can verify
the validity of the multi-signature, was first introduced by Itakura and Nakamura. Several multisignature schemes have been
proposed since. Chen
et al. proposed a new digital multi-signature scheme based on the elliptic curve cryptosystem recently. In this paper, we show
that their scheme is insecure, for it is vulnerable to the so-called active attacks, such as the substitution of a “false”
public key to a “true” one in a key directory or during transmission. And then the attacker can sign a legal signature which
other users have signed and forge a signature himself which can be accepted by the verifier.
Keywords digital signature - multi-signature - elliptic curve - cryptography
This work is supported by the National Natural Science Foundation of China under Grant No. 90304014 and the National Grand
Fundamental Research 973 Program of China under Grant No. 2003CB314805.
References secured to subscribers.