Abstract: Aimed at an anonymous multi-signature scheme based on DAA technology for trusted computing, this paper analyzed its security and demonstrates that it is vulnerable against signature forgery attack. The reasons why such security flaws exist in the scheme was investigated and an improved version was proposed. The improved scheme associates every signer's DAA certificate with its partial signature. The unforgcability of the final multi-signature is guaranteed because the attackers can not forge a l)八A certificate. The new scheme not only retains the major advantages but also overcomes the security flaws of the original scheme.

Key words: Cryptography, Trusted computing, DAA protocol, Multi-signature