On the security of generalization of threshold signature and authenticated encryption

Yuh Min Tseng, Jinn Ke Jan, Hung Yu Chien

Research output: Contribution to journal › Letter

20 Citations (Scopus)

Abstract

In 2000, Wang et al. proposed a new (t,n) threshold signature scheme with (k,l) threshold shared verification. Meanwhile, integrating the idea of message recovery, they also proposed a (t,n) threshold authenticated encryption scheme with (k,l) threshold shared verification. However, this article will show that both proposed schemes are insecure, because any malicious attacker can obtain the group secret keys from two valid threshold signatures. Thus, the attacker may solely forge or verify a threshold signature. An improvement to overcome the attacks is proposed.

Original language: English
Pages (from-to): 2606-2609
Number of pages: 4
Journal: IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Volume: E84-A
Issue number: 10
Publication status: Published - 2001 Jan 1

Fingerprint

Authenticated Encryption
Threshold Signature
Cryptography
Threshold Scheme
Signature Scheme
Recovery
Attack
Valid
Verify
Generalization

All Science Journal Classification (ASJC) codes

  • Signal Processing
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering
  • Applied Mathematics

Cite this

@article{5f3dfdd777d94fe38edea6cb76a8d0b4,
title = "On the security of generalization of threshold signature and authenticated encryption",
abstract = "In 2000, Wang et al. proposed a new (t,n) threshold signature scheme with (k,l) threshold shared verification. Meanwhile, integrating the idea of message recovery, they also proposed a (t,n) threshold authenticated encryption scheme with (k,l) threshold shared verification. However, this article will show that both proposed schemes are insecure, because any malicious attacker can obtain the group secret keys from two valid threshold signatures. Thus, the attacker may solely forge or verify a threshold signature. An improvement to overcome the attacks is proposed.",
author = "Tseng, {Yuh Min} and Jan, {Jinn Ke} and Chien, {Hung Yu}",
year = "2001",
month = "1",
day = "1",
language = "English",
volume = "E84-A",
pages = "2606--2609",
journal = "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences",
issn = "0916-8508",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "10",

}

On the security of generalization of threshold signature and authenticated encryption. / Tseng, Yuh Min; Jan, Jinn Ke; Chien, Hung Yu.

In: IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E84-A, No. 10, 01.01.2001, p. 2606-2609.

TY - JOUR

T1 - On the security of generalization of threshold signature and authenticated encryption

AU - Tseng, Yuh Min

AU - Jan, Jinn Ke

AU - Chien, Hung Yu

PY - 2001/1/1

Y1 - 2001/1/1

N2 - In 2000, Wang et al. proposed a new (t,n) threshold signature scheme with (k,l) threshold shared verification. Meanwhile, integrating the idea of message recovery, they also proposed a (t,n) threshold authenticated encryption scheme with (k,l) threshold shared verification. However, this article will show that both proposed schemes are insecure, because any malicious attacker can obtain the group secret keys from two valid threshold signatures. Thus, the attacker may solely forge or verify a threshold signature. An improvement to overcome the attacks is proposed.

UR - http://www.scopus.com/inward/record.url?scp=0035483324&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0035483324&partnerID=8YFLogxK

M3 - Letter

AN - SCOPUS:0035483324

VL - E84-A

SP - 2606

EP - 2609

JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

SN - 0916-8508

IS - 10

ER -