Skip to Main Content
In this paper, we examine homomorphic signatures that can be used to protect the integrity of network coding. In particular, Yu et al. proposed an RSA-based homomorphic signature scheme recently for this purpose. We show that their scheme in fact does not satisfy the required homomorphic property, and further, even though it can be fixed easily, still it allows no-message forgery attacks.