Restrictive partially blind signatures (RPBS) play an important role in designing secure electronic cash systems. Very recently, Wang, Tang and Li proposed a new ID-based restrictive partially blind signature (ID-RPBS) scheme and gave a security proof. In this paper, we present a cryptanalysis of the scheme and show that it does not satisfy the property of unforgeability as claimed. More precisely, a user can forge a valid message-signature pair (ID, msg, info′, σ′) instead of the original one (ID, msg, info, σ), where info is the original commonly agreed information and info′ ≠ info. Therefore, it would be very dangerous to apply Wang-Tang-Li's ID-RPBS scheme to an off-line electronic cash system. For example, a bank is supposed to issue an electronic coin (or bill) of $100 to a user, while the user can change the denomination of the coin (bill) to any value, say $100 000 000, at will.