Cryptanalysis of a signature scheme without using one—way Hash functions*
GUO Li—Feng LI Yong , , HU Lei
(1 State脚Laboratory of h!fornmtion Security,Graduate University the Chinese Academy D,Scierwes,Beijing 100049,China
2 School of Electronics and Information Engineering,Beijing Jiaotong University,Beijing 100044,China;
3 Beifing Municipal Commission E《Education,K Laboratory对Communication&Information Systems,
Beijing Jiaotong University,Beijing 100044,China)
(Received 28 June 2007;Revised 18 January 2008)
Abstract
In 2004,Chang, et a1.proposed a digital signature scheme without using one—way hash function and message redundancy schemes.But Zhang showed that the scheme can be forged.In order to overcome Zhang’s attack,Zhang, et a1.demonstrated an improved signature scheme based on Chang et a1.’s signature scheme and analyzed the security of the improved scheme
. But in this paper.we identify a simple attack to show Zhang, et a1.’s scheme is still not secure.To resist this attack, the hash function and message redundancy schemes may be still used.
Key words digital signature,message recovery,redundancy message,hash message
如果 Zhang 及 Wang 提出的 An improved signature scheme without using one-way Hash function 本身内容就有错,那郭丽峰, 李勇 and 胡磊根据 Zhang-Wang 的内容提出一个无单向Hash函数的签名方案的安全性分析是不是也是有错的!?