Cryptanalysis of a Partially Blind Signature Scheme or How to Make $100 Bills with $1 and $2 Ones

  • Gwenaëlle Martinet
  • Guillaume Poupard
  • Philippe Sola
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4107)


Partially blind signature scheme is a cryptographic primitive mainly used to design efficient and anonymous electronic cash systems. Due to this attractive application, some researchers have focused their interest on it. Cao, Lin and Xue recently proposed such a protocol based on RSA. In this paper we first show that this protocol does not meet the anonymous property since the bank is able to link a signature with a user. We then present a cryptanalysis of this scheme. In practical applications, a consequence would be the possibility for an attacker to forge, for example, valid $100 bills after the withdrawal of only two bank notes of $1 and $2.


Cryptanalysis partially blind signature electronic cash 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abe, M., Fujisaki, E.: How to Date Blind Signatures. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 244–251. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  2. 2.
    Abe, M., Okamoto, T.: Provably Secure Partially Blind Signatures. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 271–286. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  3. 3.
    Cao, T., Lin, D., Xue, R.: A randomized RSA-based partially blind signature scheme for electronic cash. Computers and Security 24(1), 44–49 (2005)CrossRefGoogle Scholar
  4. 4.
    Chaum, D.: Blind Signatures for Untraceable Payments. In: Crypto 1982, Plenum, NY, pp. 199–203 (1983)Google Scholar
  5. 5.
    Juels, A., Luby, M., Ostrovsky, R.: Security of Blind Digital Signatures. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, Springer, Heidelberg (1997)Google Scholar
  6. 6.
    Pointcheval, D., Stern, J.: Security Arguments for Digital Signatures and Blind Signatures. Journal of Cryptology 13(3), 361–396 (2000)zbMATHCrossRefGoogle Scholar
  7. 7.
    Shamir, A.: On the Generation of Cryptographically Strong Pseudo-Random Sequences. ACM Transaction on Computer Systems 1(1), 38–44 (1983)CrossRefMathSciNetGoogle Scholar
  8. 8.
    Tsiounis, Y.: Efficient Electronic Cash: New Notions and Techniques. PhD thesis, Northeastern University (June 1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Gwenaëlle Martinet
    • 1
  • Guillaume Poupard
    • 1
  • Philippe Sola
    • 1
  1. 1.DCSSI Crypto LabParis 07 SPFrance

Personalised recommendations