Cryptanalysis of some signature schemes with message recovery

摘要

The notion of a self-certified public key was introduced by Girault in 1991. Recently, Tseng, Jan and Chien proposed a digital signature scheme with message recovery and some variants extended from the self-certified public key system proposed by Girault. A trusted system authority is assumed in their schemes. Chang et al. propose digital signature schemes that provide the same properties as Tseng et al.’s method without the assumption that the system authority is trustworthy.In this paper, we show that Tseng et al.’s signature schemes are existential forgable after getting a valid message–signature pair, and Chang et al.’s improved signature schemes are still not secure against an un-trusted system authority.