On the Security of Generalization of Threshold Signature and Authenticated Encryption

Yuh-Min TSENG  Jinn-Ke JAN  Hung-Yu CHIEN  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E84-A   No.10   pp.2606-2609
Publication Date: 2001/10/01
Online ISSN: 
Print ISSN: 0916-8508
Type of Manuscript: LETTER
Category: Information Security
cryptography,  threshold signature,  group-oriented cryptography,  authenticated encryption,  

Full Text: PDF(141.4KB)>>
Buy this Article

In 2000, Wang et al. proposed a new (t,n) threshold signature scheme with (k,l) threshold shared verification. Meanwhile, integrating the idea of message recovery, they also proposed a (t,n) threshold authenticated encryption scheme with (k,l) threshold shared verification. However, this article will show that both proposed schemes are insecure, because any malicious attacker can obtain the group secret keys from two valid threshold signatures. Thus, the attacker may solely forge or verify a threshold signature. An improvement to overcome the attacks is proposed.