In 1999, Araki et al. proposed a convertible limited verifier signature scheme. In this letter, we propose a universal forgery attack on their scheme. We show that any one can forge a valid signature of a user UA on an arbitrary message.

In ordinary digital signature schemes, anyone can verify signatures with signer's public key. However it is not necessary for anyone to be convinced a justification of signer's dishonorable message such as a bill. It is enough for a receiver only to convince outsiders of signature's justification if the signer does not execute a contract. On the other hand there exist messages such as official documents which will be first treated as limited verifier signatures but after a few years as ordinary digital signatures. We will propose a limited verifier signature scheme based on Horster-Michels-Petersen's authenticated encryption schemes, and show that our limited verifier signature scheme is more efficient than Chaum-Antwerpen undeniable signature schemes in a certain situation. And we will propose a convertible limited verifier signature scheme based on our limited verifier signature scheme, and show that our convertible limited verifier signature scheme is more efficient than Boyar-Chaum-Damg rd-Pedersen convertible undeniable signature schemes in a certain situation.