It is proved that the digital signaturescheme with one-time pair of keys proposed by X. Yi etal. In Electronics Letters in 2000 is insecure, I.e. Theadversary can arbitrarily produce another valid sig-nature on the message, provided that he/she knows adata item of the signer's certificate and a message'ssignature. A modified version of the scheme is pro-vided.
展开▼
