As a special kind of digital signature, verifiably encrypted signatures are used as a building block to construct optimistic fair exchange. Many verifiably encrypted signature schemes have been proposed so far and mos...As a special kind of digital signature, verifiably encrypted signatures are used as a building block to construct optimistic fair exchange. Many verifiably encrypted signature schemes have been proposed so far and most of them were proven secure under certain complexity assumptions. In this paper, however, we find that although some schemes are secure in a single-user setting, they are not secure in a multi-user setting any more. We show that Zhang, et al. ' s scheme, Gorantla, et al. ' s scheme and Ming, et al. ' s scheme are vulnerable to key substitution attacks, where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users. We also show that this kind of attacks can breach the fairness when they are used in fair exchange in a multi-user setting.展开更多
基金Supported by the National High Technology Research and Development Programme of China ( No. 2008AA092301 ) and the National Natural Science Foundation of China (No. 50879014).
文摘As a special kind of digital signature, verifiably encrypted signatures are used as a building block to construct optimistic fair exchange. Many verifiably encrypted signature schemes have been proposed so far and most of them were proven secure under certain complexity assumptions. In this paper, however, we find that although some schemes are secure in a single-user setting, they are not secure in a multi-user setting any more. We show that Zhang, et al. ' s scheme, Gorantla, et al. ' s scheme and Ming, et al. ' s scheme are vulnerable to key substitution attacks, where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users. We also show that this kind of attacks can breach the fairness when they are used in fair exchange in a multi-user setting.
