In order to improve the authentication efficiency of information transmitted through trust train ,Qin Yanlin proposed a certificateless sequential multi-signature scheme with constant signature length ,and proved that their scheme is secure. This article points out that Qin’s scheme has serious security flaws. By giving specific attacks,an adversary can tamper with any information on the trust path,and can forge all node multi-signatures.%为了提高分布式环境下信任链上推荐信息的认证效率,秦艳琳等人提出一个高效的有固定签名长度的无证书有序多重签名方案,并证明了她们的方案是安全的。但是,秦方案的设计存在安全缺陷,通过具体攻击方法进行分析,结果显示,任意一个敌手都可以篡改其信任路径上的信息,可以伪造所有节点对信息的多重签名。
展开▼
