Skip to Main Content
Recently, Chang et al. proposed a new digital signature scheme with message recovery without using oneway hash functions or message redundancy schemes. However, Zhang et al. found that Chang et al.'s signature scheme is not secure. He proposed a kind of forgery attack; anyone who has a valid signature generated by the signer, can forge a valid signature, and claimed that only using one-way hash functions or message redundancy schemes can overcome these flaws. In this paper, we first initiate a more simple and efficient universal forgery attack on Chang et al.'s signature scheme compared with Zhang et al.'s attack; anyone can forge a valid signature without using any valid signatures of the signer. Also, we propose an improved signature scheme without using one way hash functions or message redundancy, which can resist the forgery attacks.