LETTER International Journal of Network Security, Vol.11, No.2, PP.118–120, Sept. 2010 118 An MSS Based on the Elliptic Curve Cryptosystem Hemlal Sahu and Birendra Kumar Sharma (Corresponding author: Hemlal Sahu) School of Studies in Mathematics, Pt. Ravishankar Shukla University Raipur (C.G.), 492010 India (Email: {hemlalsahu; sharmabk07}@gmail.com) (Received Feb. 11, 2009; revised and accepted Apr. 21, 2009) Abstract In 2004, a multi-signature scheme (MSS) based on the elliptic curve cryptosystem is given by Chen et al. [1]. Later, Liu and Liu [6] showed that if one of the users al- ways sends his data in the last during each steps of the key generation and multi-signature generation phase then MSS becomes insecure. In this paper we propose a scheme which prevents the system from such insecurity. Also, in the proposed scheme, we provide security with more ef- ficiency by considering only one point of elliptic curve in the place of two points considered in MSS. Keywords: Digital multi-signature scheme, elliptic curve cryptosystem (ECC), elliptic curve discrete logarithm problem 1 Introduction A digital signature is an electronic analogue of hand writ- ten signature. That is, a digital signature allows the receiver of a message to convince any third party that the message in fact originated from the sender. Digi- tal signatures play important role in our modern elec- tronic society since they have the properties of integrity and authentication. The integrity property ensures that the received message is not modified and the authenti- cation property ensures that the sender is not imperson- ated. In well-known conventional digital signature such as Diffie-Hellman system [2], RSA system [7] and ElGamal system [3], a single signer is sufficient to produce a valid signature and anyone else can verify the validity of signa- ture. Itakura and Nakamura [5] proposed the first multi- signature scheme in which multiple signers can co-operate to sign the same message and any verifier can verify the validity of the multi-signature. Public-key identification schemes prevent online systems or electronic cash from unauthorized access and unauthorized transfer. Such a signature scheme involving the hash function can resist the chosen-message attack and prevent the signature from being forged. The ECC is constructed from integer points on the elliptic curve in finite fields, whose basic operations include addition and multiplication under the ECC Is-ill. The operations associated with ECC are more efficient than those associated with other cryptosystems, includ- ing the RSA [7] and the DSA [3]. Besides, the ECC is applied herein to research digital signatures and is de- veloped to promote the security and execution efficiency of a cryptosystem. A one-way hash function is designed herein with two characteristics: the output is of a fixed length, unlike the input, which is of variable length; also the length of the signed message can be reduced by apply- ing the hash function, so that the chosen-message attack, as defined by ElGamal [3] and Harn [4], can be resisted. 2 System Initialization Phase The preparatory procedure for initializing the system is selecting the following commonly required parameters over the elliptic curve domain. 1) A field size q, which is selected such that, q = p if p is an odd prime; otherwise, q =2 m , as q is a prime power. 2) Two parameters a, bǫF q that define the equation of elliptic curve E over F q (y 2 = x 3 + ax + b (mod q) in the case q> 3, where 4a 3 + 27b 2 = 0 (mod q)). 3) A finite point B whose order is a large prime number n in E(F q ), where B = O (O denotes infinity). 4) A positive integer t, which is the secure parameter, e.g., t ≥ 72. 3 Key Generation Phase All members of the group U i (1 ≤ i ≤ N ) generate the keys, as follows.