Recently, Ham proposed a digital signature for Diffie-Hellman public k
eys without using a one-way function (Electron. Lett., 1997, 33, (2),
pp.125-126). In the Letter, the authors show that Ham's digital signat
ure is not secure enough to withstand the Nyberg-Rueppel attack. That
is, an adversary who discloses one session key can obtain all the othe
r session keys subsequently distributed by the same key exchange proto
col. An improvement to Ham's digital signature that can overcome the w
eakness stated above is also proposed.