A digital multisignature scheme based on the Fiat-Shamir scheme

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 739)


We show the sequential multisignature scheme based on the Fiat-Shamir scheme which is a slight variant of simultaneous multisignature scheme, and discuss the security of a digital multisignature scheme. The following properties are proven;
  1. (1)

    The difficulty of deriving secret information from public information in a multisignature scheme with already used signatures is equivalent to that of deriving it in a single signature scheme; and

  2. (2)

    The difficulty of forging a partial multisignature so that the total multisignature is valid is equivalent to that of deriving a single signature in the Fiat-Shamir scheme.



Smart Card Signature Scheme Polynomial Time Algorithm Security Level Identification Information 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [BLY]
    Brickell, E., Lee, P. and Yacobi, Y.: “Secure Audio Teleconference,” Advances in Cryptology — Crypto'87, Lecture Notes in Computer Science 293, 1988, pp.429–433Google Scholar
  2. [D]
    Davies, D. W.: “Applying the RSA digital signature to electric mail,” IEEE Computer (Feb. 1983), pp.55–62Google Scholar
  3. [FFS]
    Feige, U., Fiat, A. and Shamir, A.: “Zero Knowledge Proofs of Identity,” Proceedings of the 19th Annual ACM Symposium on Theory of Computing, 1987, pp.210–217Google Scholar
  4. [FS]
    Fiat, A. and Shamir, A.: “How to Prove Yourself: Practical Solution to Identification and Signature Problems,” Advances in Cryptology — Crypto'86, Lecture Notes in Computer Science 263, 1987, pp.186–199Google Scholar
  5. [GQ1]
    Guillou, L.C., and Quisquater, J.J.: “A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Tranamission and Memory,” Eurocrypt'88 Abstracts, 1988, pp.71–75Google Scholar
  6. [GQ2]
    Guillou,L.C., and Quisquater,J.J.:“A Paradoxical Identity-Based Signature Scheme Resulting from Zero-Knowledge,” Proceedings of Crypto'88,Lecture Notes in Computer Science 403, 1988, pp.216–231Google Scholar
  7. [GJ]
    Garey, M. R., and Johnson, D. S.: “Computers and Intractability — A Guide to the Theory of NP-Completeness,” W. H. Greeman, San Francisco, 1979Google Scholar
  8. [IN]
    Itakura, K., and Nakamura, K.: “A public-key cryptosystem suitable for digital multisignature,” NEC J. Res. Dev. 71 (Oct. 1983)Google Scholar
  9. [O]
    Okamoto, T.: “A digital Multisignature Scheme Using Bijective Public-Key Cryptosystems,” ACM Trans. on Comp. Systems, Vol. 6, No. 8, 1988, pp.432–441CrossRefGoogle Scholar
  10. [OO]
    Ohta, K. and Okamoto, T.: “Practical Extension of Fiat-Shamir Scheme,” Electron.Lett., 24, No. 15, 1988, pp.955–956 (Revised version: Proceedings of Crypto'88, 1988, pp.232–243)Google Scholar
  11. [OS]
    Okamoto, T., and Shiraishi, A.: “A fast signature scheme based on quadratic inequalities,” Proceedings of the IEEE Symposium and Provacy (Oakland, Calif., April, 1979), IEEE, New York, 1985, pp.123–132 (Revised version: IEEE Trans. Information Theory, Vol.IT-36, No.1, 1990, pp.47–53)Google Scholar
  12. [OSK]
    Okamoto, T., Shiraishi, A., and Kawaoka, T.: “A Single Public-Key Authentication Scheme for Multiple Users,” Technical report of IECE Japan, IN83-92 (January 1984) (Revised version: Systems and Computers in Japan, 18, 10, pp.14–24 (1987); translated from IECE Japan Transactions, J69-D, 10, pp.1481–1489 (1986)).Google Scholar
  13. [R]
    Rabin, M. O.: “Digitalized signatures and public-key functions as intractable as factorization,” Tech. Rep. MIT/LCS/TR-212, MIT, Cambridge, Mass., 1979Google Scholar
  14. [RSA]
    Rivest, R.L., Shamir, A. and Adleman, L.: “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communication of the ACM, Vol. 21, No. 2, 1978, pp.120–126CrossRefGoogle Scholar
  15. [S]
    Shamir, A.: “Identity-based cryptosystems and signature schemes”, Proceedings of Crypto'84, Lecture Notes in Computer Science 196, 1985, pp.47–53.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  1. 1.NTT LaboratoriesNippon Telegraph and Telephone CorporationKanagawa-kenJapan

Personalised recommendations