Journal:Informatica
Volume 18, Issue 1 (2007), pp. 61–66
Abstract
A generalized group-oriented cryptosystem (GGOC) based on ElGamal cryptosystem was proposed by Yang et al. in 2003. This study shows that if the authorized decryption sets of users are not properly predetermined in Yang et al.'s GGOC, an unauthorized decryption set of users can recover the encrypted message without difficulty. This study also presents an improved protocol to resist such an attack.
Journal:Informatica
Volume 18, Issue 1 (2007), pp. 55–60
Abstract
Recently, Chen, Chung, and Huang proposed a traceable proxy multisignature scheme based on the elliptic curve cryptosystem. However, this paper shows that the original signers can produce a valid signature as the proxy signer does in the proxy protected scheme. Therefore, Chen et al.'s proxy-protected scheme cannot protect the proxy signer from being forged by the original signers. We further find that the early work of Chen et al. in 2003 suffers the same attack. To overcome this problem, an improved scheme will be presented.
Journal:Informatica
Volume 14, Issue 2 (2003), pp. 195–204
Abstract
In an internet environment, such as UNIX, a remote user has to obtain the access right from a server before doing any job. The procedure of obtaining acess right is called a user authentication protocol. User authentication via user memorable password provides convenience without needing any auxiliary devices, such as smart card. A user authentication protocol via username and password should basically withstand the off‐line password guessing attack, the stolen verifier attack, and the DoS attack. Recently, Peyravian and Zunic proposed one password transmission protocol and one password change protocol. Later, Tseng et al. (2001) pointed out that Peyravian and Zunic's protocols can not withstand the off‐line password guessing attack, and therefore proposed an improved protocol to defeat the attack. Independently, Hwang and Yeh also showed that Peyravian and Zunic's protocols suffer from some secury flaws, and an improved protocol was also presented. In this paper, we show that both Peyravian and Zunic's protocols and Tseng et al.'s improved protocol are insecure against the stolen verifier attack. Moreover, we show that all Peyravian and Zunic's, Tseng et al.'s, and Hwang and Yeh's protocols are insecure against DoS attack.
Journal:Informatica
Volume 14, Issue 1 (2003), pp. 85–94
Abstract
A group signature scheme is a digital signature scheme that allows a group member to sign messages anonymously on behalf of the group. Recently, Tseng and Jan proposed two group signature schemes based on self‐certified and ID‐based public keys respectively. However, these two schemes were shown to be insecure against forgery due to Joye et al. Later, Sun et al. showed that Tseng and Jan's self‐certified group signature scheme is linkable. In this paper, we first point out that the proposed linking equation, which is used to check the linkability of Tseng and Jan's self‐certified scheme, cannot work because the inverse problem of RSA is hard. A repaired linking equation is consequently proposed to fix this problem. Then, we show that Tseng and Jan's ID‐based scheme is still linkable because given any two valid group signatures it is easy to decide whether these two group signatures are generated by the same group member or not.