CAO Tian-jie,LIN Dong-dai

DOI: https://doi.org/10.3321/j.issn:1008-9497.2006.04.010

2006-01-01

Abstract:LI and YANG proposed a message recovery signature scheme(LY scheme) based on both the discrete logarithm problem and the factorization problem.WU and LI proved that the security of the LY scheme is only based on the difficulty of factoring.To eliminate this weakness,they also proposed an improved scheme(WL scheme).However,the security of the improved scheme is not as secure as they have claimed.An attacker could generate a forged signature on the assumption when the factorization problem is solved.

Lei Niu,Changqing Zhang,Qi Xia,Yong Yu

DOI: https://doi.org/10.1504/ijics.2015.069212

2015-01-01

Abstract:Chang et al. proposed a new digital signature scheme with message recovery. However, several forgery attacks demonstrated that Chang et al.'s construction without using one-way hash functions and message redundancy is insecure. Nevertheless, it is unclear to see how to achieve the attacks. In this paper, more general forgery attacks are described to show clearly how to obtain these attacks. It is interesting that our general forgery covers all the known attacks.

Fan Wu,Lili Xu

DOI: https://doi.org/10.1002/dac.2673

2013-01-01

International Journal of Communication Systems

Abstract:This paper presents a self-certified digital signature scheme with message recovery that is proven to be secure. So far, many schemes of this kind have been proposed to keep message secret in the transmission. But Zhang et al. has proposed the man-in-middle attack to Shao's self-certified signature scheme, which is based on discrete logarithm. The attacker can make a new signature by using an old one, but the reason of such man-in-middle attack was not referred. We present the scheme of Yoon et al., which is also based on discrete logarithm, that cannot resist man-in-middle attack either, give the analysis of the attack, and propose a new scheme. The proposed scheme can resist forgery attack in the random oracle model and avoid message leakage, the man-in-middle attack, and meanwhile has several security characters. Compared with some self-certified schemes, our scheme is the best because of the time cost. Copyright © 2013 John Wiley & Sons, Ltd.

Lei Niu,Yong Yu,Jianbing Ni,Ying Sun

DOI: https://doi.org/10.1109/incos.2012.41

2012-01-01

Abstract:Chang et al. proposed a new digital signature scheme with message recovery. They claimed that their scheme was accomplished without using one-way hash functions and message redundancy. However, several forgery attacks demonstrated that Chang et al.'s signature scheme with message recovery is not secure. However, the idea of how to get the attacks is unclear. In this paper, we present more general forgery attacks to show clearly how to obtain the attacks. Interestingly, our general forgery covers all the known attacks.

刘杰,李建华

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.09.013

2008-01-01

Abstract:This paper investigates a digital signature scheme with message recovery,which is claimed to resist forgery attacks without hash functions and message redundancies.Some attacks and an effective improvement on this scheme are analyzed.A further improvement to shorten the signed signature is presented.The improvement keeps the security properties and makes the scheme more efficient.When p = 1024 and q = 160,the improved length of the signed signature is only 44% of the original,which raises computation efficiency by 61% and communication efficiency by 56 %.

LEI Yong-jun,LIU Chun-gang,WANG Gang

DOI: https://doi.org/10.3969/j.issn.1009-8054.2007.07.055

2007-01-01

Abstract:The digital signature can provide not only the encryption and decryption of the information,but also the identification of the information source,assurance of information integrity,etc. In this paper,a new ID-based signature scheme with message recovery is proposed. As a valid signature contains the signed message,the proposed scheme requires smaller communication overhead than other ID-based signature schemes. Therefore,it can be widely used in Mobile eCommerce.

LI Fa-gen,XIN Xiang-jun,HU Yu-pu

DOI: https://doi.org/10.3321/j.issn:1001-4632.2006.05.025

2006-01-01

Abstract:Yang and Li proposed an efficient signature scheme that is strictly based on two hard problems of discrete logarithms and factoring.However,their scheme requires t+2 keys for a signing document,where t is the output bit length of a one-way Hash function and is usually equal to 128 or 160.To overcome the weakness of too many keys,we present an improvement of their signature scheme by getting rid of the one-way Hash function.We also consider 5 possible attacks and show that the improved scheme is secure if the discrete logarithms and factoring are simultaneously unsolvable.As compared with the Yang and Li's scheme in terms of the number of keys,computational complexity and communication cost, the improved scheme only needs 3 keys,lower computational complexity and same communication cost.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.1504/IJESDF.2013.058658

2013-01-01

Abstract:The message recovery signature scheme is a very useful signature scheme in which the verification of signature does not require appended message, because the message can be easily recovered from the signature. Although message recovery signatures based on conventional number-theoretic problems have been achieved, it is still unknown whether message recovery signature can be implemented based on lattices, which are receiving considerable attention in cryptographic community since they are resistant to quantum computer's attacks. This paper provides a positive answer to the above question by presenting two concrete lattice-based message recovery signature schemes. The two schemes make use of the efficient lattice-based signature scheme recently created by Lyubashevsky and presented at EUROCRYPT 2012. Our constructions are proved to be secure in the random oracle model under the short integer solution assumption. Compared with Lyubashevsky signature scheme, our schemes are more efficient in terms of communication overhead.

Chen-huang WU,Zhi-xiong CHEN,Hai-ming WANG,Kai-yuan ZHENG

DOI: https://doi.org/10.3969/j.issn.1000-3428.2009.20.057

2009-01-01

Abstract:Aiming at the construction problems of the certificateless signature with special properties,the construction methods of certificateless message recovery signature is researched.By analyzing the properties of the cetificateless signature and the message recovery signature,the first certificateless message recovery signature scheme in the certificateless cryptosystem is implemented.With the knowledge signature of discrete logarithm,it is proved this scheme is secure under the DL assumption in the random oracle model.

Li Zichen,Li Zhongxian,Yang Yixian,Wu Weilin

DOI: https://doi.org/10.1007/s11767-000-0035-7

2000-01-01

Abstract:After extending the forgery attacks to Nyberg-Rueppel’s signatures with message recovery, Atsuko Miyaji in 1997 proposed two suitable message recovery signatures, （F1） and （F2）. In this paper, another new forgery attacks to （F1）, （F2） and Nyberg-Rueppel’s signatures are presented.

J Wang,Q Zhang,CJ Tang

DOI: https://doi.org/10.1109/icact.2006.206228

2006-01-01

Abstract:Quantum signature combines quantum theory with classical digital signature. The main goal of this field is to take advantage of quantum effects to provide unconditionally secure signature. We present a quantum signature scheme with message recovery without using entangle effect. The most important property of the present scheme is that it is not necessary for the scheme to use Greenberger-Horne-Zeilinger states. The security of the scheme relies on the quantum one-time pad and quantum key distribution. The efficiency analysis shows that the proposed scheme is an efficient scheme.

J Pieprzyk,HX Wang,CP Xing

DOI: https://doi.org/10.1007/978-3-540-24654-1_7

2004-01-01

Abstract:Multiple-time signatures are digital signature schemes where the signer is able to sign a predetermined number of messages. They are interesting cryptographic primitives because they allow to solve many important cryptographic problems, and at the same time offer substantial efficiency advantage over ordinary digital signature schemes like RSA. Multiple-time signature schemes have found numerous applications, in ordinary, on-line/off-line, forward-secure signatures, and multicast/stream authentication. We propose a multiple-time signature scheme with very efficient signing and verifying. Our construction is based on a combination of one-way functions and cover-free families, and it is secure against the adaptive chosen-message attack.

李顺东,戴一奇

DOI: https://doi.org/10.3321/j.issn:1000-436x.2003.10.021

2003-01-01

Abstract:With available digital signature schemes, one can sign one or multi-message at same time. If persons more than one need to sign multi-message, the order signature method is chosen or a third party is needed to sign message as their agent. Sometimes, parallel multi-message signature without agent is needed but available signature schemes cant achieve this demand. A parallel signature scheme that can meet this requirement is proposed and its security is proved in this paper. The verification of the signature is also parallel.

WANG Yong,ZHU Yan-qin

DOI: https://doi.org/10.1007/0-387-34805-0_23

2011-01-01

Abstract:This paper presents a signature with shared verification scheme based on verifiable multi-secret sharing.The scheme effecitively overcomes the deficiencies of the previous schemes in terms of security.In the process of signature verification,validation group can prevent some members providing the faulted information.This can make verification failure.Because the scheme uses verifiable multi-secret sharing,it can verify many signatures when it makes once multi-secret sharing.It has higher efficiency compared with the previous schemes.

Jie Wang,Wenbin Li

2003-01-01

Abstract:A new mathematical problem-Decisional Relevant-RSA problem was introduced to construct a new signature scheme.It is simple and secure against adaptive chosen-message attacks.In addition its security proof is in the standard model.

Hong-Sheng Huang,Yu-Lei Fu,Han-Yu Lin

2024-03-28

Abstract:In this work, we introduce a strong Designated Verifier Signature (DVS) scheme that incorporates a message recovery mechanism inspired by the concept of the Universal Designated Verifier Signature (UDVS) scheme. It is worth noting that Saeednia's strong designated verifier signature scheme fails to guarantee the privacy of the signature, making it unsuitable for certain applications such as medical record certificates or voting systems. To overcome this limitation, we extend Lee's strong designated verifier signature with a message recovery scheme to develop a universal designated verifier signature scheme. This universal designated verifier scheme is crafted to safeguard the privacy of signature holders, ensuring that only designated verifiers can authenticate the true signer and recover the messages.

Computer Science

Zhen Qin,Chen Yuan,Yilei Wang,Hu Xiong

DOI: https://doi.org/10.1016/j.ipl.2016.02.003

IF: 0.851

2016-01-01

Information Processing Letters

Abstract:ID-based signature enables users to verify signatures using only public identifier. Very recently, Rossi and Schmid (2015) [9] proposed two identity-based signature schemes along with the application to group communications. Unfortunately, by proposing concrete attack, we demonstrate that the former scheme is insecure against forgery attack, while the latter scheme has been totally broken in the sense that the signing key can be recovered from the valid signature easily.

Chin-Yu Sun,Hsiao-Ling Wu,Hung-Min Sun,Tingting Hwang

DOI: https://doi.org/10.6688/jise.202111_37(6).0015

2021-01-01

Journal of information science and engineering

Abstract:"Self-certified digital signature with message recovery" allows a specific receiver to restore the meaningful message from a digital signature and simultaneously confirms the validity of a signature and a signer's public key. This method greatly improves message confidentiality, solves the certificate management problem, and reduces the communication costs. Due to those benefits, this signature scheme has been widely adopted for e commerce applications. However, in recent years, this method has attracted attackers' attention; hence, a series of schemes were proposed to counter different attack scenarios. In this paper, we will first present a new attack scenario that can break the security of all the "self -certified digital signature with message recovery" schemes. Then, we will propose a scheme to solve the security issues. Compared with this type of signature scheme, our scheme can satisfy the essential security requirement of a digital signature without sacrificing the cost-effectiveness of the original design. The security and performance analyses demonstrate that our proposed scheme is secure, efficient, and well suited for practical use in e-commerce.

Qingyun AO,Kefei CHEN,Yingcai Bai

DOI: https://doi.org/10.3321/j.issn:1002-8331.2001.01.005

2001-01-01

Abstract:A blind signature is a digital signature in which the message to be signed is blind to the signer.After David Chaum introduced this concept in 1983,many implementations have come into being.In this paper,we present a general blind signature scheme based on the discrete logarithm problem.Then,a detailed analysis on its completeness,unforgeability,security and blindness is given.We also discuss some rules,which have to be followed to design a valid discrete-logarithm-based blind signature protocol with this scheme.

Hongwei Chu,Yinliang Zhao

DOI: https://doi.org/10.1109/iscid.2008.204

2008-01-01

Abstract:Based on Schnorr algorithm, by adopting ID code and time-limit approaches, propose two multisignature schemes which can prevent repeated broadcast attack and malicious delay in the process. For most of the computational effort for signature generation can be done in preprocessing stage, both identification and signature with high efficiency, and it's security is based on the difficulty of discrete logarithms problem. In the end, analyze the two schemes' security and efficiency in detail.