Message Substitute Attack on Concurrent Signatures Protocol and its Improvement

Abstract

At Eurocrypt 2004, the concept of concurrent signatures was introduced by Chen, Kudla and Paterson. Concurrent signatures contribute a novel approach for the traditional problem of fair exchange of signatures. In this paper a general attack named the message substitute attack to the existing concurrent signatures protocol is proposed. Under the message substitute attack there is no concurrent in the existing concurrent signatures protocols including perfect concurrent signatures (PCS) protocol proposed by Susilo et al and its improvement iPCS1 protocol proposed by Guilin Wang et al. To prevent the message substitute attack, an i2PCS1 protocol which is an improvement on iPCS1 protocol is proposed. Further more an i3PCS1 protocol which is another improvement on iPCS1 protocol is proposed, the distinct advantage of i3PCS1 protocol is that its keystones are not published by the initial signer Alice finally but by the matching signer Bob, so that the matching signer Bob has some advantage over the initial signer Alice, while in almost all previous concurrent signatures protocols the initial signer Alice has some advantage. So the i3PCS1 Protocol differs from the previous concurrent signatures protocols.