Thanks - well I think the first thing is to work out the scope of the problem.

In Bitcoin the problem is rather far-reaching as it includes ECDSA signatures themselves as well as problems with scripts.

At this stage I don't know enough about the Nxt protocol to comment - but fundamentally what we need to do is make sure that a Nxt tx is signed as a whole (so nothing is outside of what is signed apart from the sig) and that the sig itself cannot have an equivalent (with say leading zeroes).