Abstract
We show that the authority in the forward secure ring signature scheme, proposed by Liu et al. (ICICS'2011), can trace out the real signer of a signature/message pair. The weakness is due to that the signature scheme is based on bilinear groups of composite order, instead of the usual groups of prime order. We remark that the usual bilinear groups of prime order are sufficient for the construction. We will present a modification of the scheme and show its security. We also remark that the structure of bilinear groups of a large composite order could make group operation inefficient and lose the advantages of elliptic curve cryptography which gained mainly from smaller parameter size. From the practical point of view, such an algebraic structure is unlikely applicable to cryptographic schemes.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
