1-3hit |
Multisignature scheme realizes that plural users generate the signature on a message, and that the signature is verified. Various studies on multisignature have been proposed. They are classified into two types: RSA-based multisignature, and discrete logarithm problem (DLP) based multisignature, all of which assume that a message is fixed beforehand. In a sense, these schemes do not have a feature of message flexibility. Furthermore all schemes which satisfy with order verifiability designate order of signers beforehand. Therefore these protocols have a feature of order verifiability but not order flexibility. For a practical purpose of circulating messages soundly through Internet, a multisignature scheme with message flexibility, order flexibility and order verifiability should be required. However, unfortunately, all previous multisignature do not realize these features. In this paper, we propose a general model of multisignature schemes with flexibility and verifiability. We also present two practical schemes based on DLP based message recover signature and RSA signature, respectively.
Shin-Jia HWANG Chin-Chen CHANG
In this paper, we propose a new secure server-aided RSA secret computation protocol which guards against not only the attacks in [1],[2],[15],[18] but also the new powerful active attacks in [3],[4]. The new protocol is also efficient to support high security level.
Recently, two new efficient server-aided RSA secret computation protocols were proposed. They are efficient and can guard against some active attacks. In this letter, we propose two multi-round active attacks which can effectively reduce their security level even break them.