An Order-Specified Multisignature Scheme Secure against Active Insider Attacks

  • Mitsuru Tada
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2384)


In an order-specified multisignature scheme, one can verify not only a set of signers who have signed the message but also its signing order. Though we have seen several scheme with such properties proposed, none of them is given the security proof against active adversaries. In the scheme by [6], no polynomial-time active adversary can forge a signature for a new message, but it is possible for active adversaries to forge a signature changing its signing order. Furthermore, that scheme has the restriction that the possible signing orders are only ones of the type of serial signing. In this paper, we propose an order-specified multisignature scheme, which is shown to be secure against adaptive chosen-message insider attacks for bath a message and a signing order, and which allows the signing orders to form like any series-parallel graphs unlike the scheme [6]. The security is shown by using ID-reduction technique, which reduces the security of multisignature schemes to those of multi-round identification schemes. Furthermore, we discuss the efficiency of the proposed scheme and the upper bound of the possible number of participating signers.


Success Probability Signature Scheme Initial Vertex Terminal Vertex Security Proof 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M. Bellare and P. Rogaway: “Random oracles are practical: a paradigm for designing efficient protocols”, Proceedings of the 1st ACM Conference on Computer and Communications Security (CCS), 1993.Google Scholar
  2. 2.
    H. L. Bodlaender and B. de Fluiter: “Parallel algorithm for series parallel graphs”, Europian Symposium on Algorithms, pp. 277–289, 1996.Google Scholar
  3. 3.
    M. Burmester, Y. Desmedt, H. Doi, M. Mambo, E. Okamoto, M. Tada and Y. Yoshifuji: “A structured ElGamal-type multisignature scheme”, Proceedings of PKC2000, Lecture Notes in Computer Science 1751, pp. 466–483, Springer-Verlag, 2000.Google Scholar
  4. 4.
    H. Doi, M. Mambo and E. Okamoto: “On the security of the RSA-based multisignature scheme for various group structure”, Proceedings of ACISP2000, Lecture Notes in Computer Science 1841, pp. 352–367, Springer-Verlag, 2000.Google Scholar
  5. 5.
    S. Mitomi and A. Miyaji: “A multisignature scheme with message flexibility, order flexibility and order verifiability”, Proceedings of ACISP2000, Lecture Notes in Computer Science 1841, pp. 298–312, Springer-Verlag, 2000.Google Scholar
  6. 6.
    K. Ohta and T. Okamoto: “Multi-signature schemes secure against active insider attacks”, IEICE transactions of fundamentals, vol. 82-A, no. 1, pp. 22–31, 1999.Google Scholar
  7. 7.
    K. Ohta and T. Okamoto: “Generic construction methods of multi-signature schemes”, Proceedings of The 2001 Symposium on Cryptography and Information Security (SCIS2001), vol. I, pp. 31–36, 2001.Google Scholar
  8. 8.
    D. Pointcheval and J. Stern: “Security arguments for digital signatures and blind signatures”, Journal of cryptology, vol. 13, no. 3, pp. 361–396, Springer-Verlag, 2000.zbMATHCrossRefGoogle Scholar
  9. 9.
    C. P. Schnorr: “Efficient signature generation by smart cards”, Journal of cryptology, vol. 4, pp. 161–174, Springer-Verlag, 1991.zbMATHCrossRefGoogle Scholar
  10. 10.
    A. Shimbo: “Design of a modified ElGamal signature scheme”, Workshop on Design and Evaluation of Cryptographic Algorithms, pp. 37–44, 1996.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Mitsuru Tada
    • 1
  1. 1.Institute of Media and Information TechnologyChiba UniversityJapan

Personalised recommendations