On Key Substitution Attacks Against Aggregate Signatures and Multi-Signatures
TL;DR
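This article examines key substitution attacks on aggregate signatures and multi-signatures, in which an attacker forges the message and verification key of an existing valid signature to “hijack” it, a threat that unforgeability, the most fundamental security requirement for signature schemes, does not by itself rule out.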
Yuuki Fujita; Yusuke Sakai; Kyosuke Yamashita; Goichiro Hanaoka
https://doi.org/10.1109/ACCESS.2025.3648155
Volume 14
The most fundamental security requirement for signature schemes is unforgeability, which guarantees that no one can create a valid signature on a message without the secret signing key. However, in signature schemes, there are potential attacks in which a third party forges the message and verification key of a valid signature and “hijacks” the signature. Such attacks are referred to as key substi...