Welcome to the resource topic for 2004/273
Cryptanalysis of Threshold-Multisignature schemes
Authors: Lifeng GuoAbstract:
In , Li et al. proposed a new
type of signature scheme, called the (t,n)
threshold-mutisignature scheme. The first one needs a mutually
trusted share distribution center (SDC) while the second one does
not. In this paper, we present a security analysis on their second
schemes. We point out that their second threshold-multisignature
scheme is vulnerable to universal forgery by an insider attacker
under reasonable assumptions. In our attack, (n-t+1) colluding
members can control the group secret key. Therefore, they can
generate valid threshold-multisignautre for any message without
the help of other members. Furthermore, honest members cannot
detect this security flaw in the system, since any t members can
generate threshold-multisignatures according to the prescribed
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .