Skip to Main Content
Digital signature is an important cryptographical tool. In a digital signature with using self-certified public key, the verification signature and public key can be carried out in a logic step. Recently, Tseng et al proposed a digital signature schemes with using self-certified public key. Unfortunately, Shao et.al showed that the scheme was insecure, and gives an improvement scheme. In this works, we analyze security of Shao et.al scheme and his attack and show that the attack is not powerful and the improvement scheme can not resist middle-in-man attack. Namely, when an adversary controls the communication channel between the signer Ui and Uj, he can tamper's signature on the message M, which is sent to Uj, as his signature on the message M under the condition of not knowing the message M. This attack is very frightful over the internet transactions.