Designated Verifier Signatures: Anonymity and Efficient Construction from Any Bilinear Map
نویسندگان
چکیده
The concept of Designated Verifier Signatures (DVS) was introduced by Jakobsson, Sako and Impagliazzo at Eurocrypt’96. These signatures are intended to a specific verifier, who is the only one able to check their validity. In this context, we formalize the notion of privacy of signer’s identity which captures the strong designated verifier property investigated in their paper. We propose a variant of the pairing-based DVS scheme introduced at Asiacrypt’03 by Steinfeld, Bull, Wang and Pieprzyk. Contrary to their proposal, our new scheme can be used with any admissible bilinear map, especially with the low cost pairings and achieves the new anonymity property (in the random oracle model). Moreover, the unforgeability is tightly related to the GapBilinear Diffie-Hellman assumption, in the random oracle model and the signature length is around 75 % smaller than the original proposal.
منابع مشابه
Multi-designated Verifiers Signatures
Designated verifier signatures were introduced in the middle of the 90’s by Jakobsson, Sako and Impagliazzo, and independenty patended by Chaum as private signatures. In this setting, a signature can only be verified by a unique and specific user. At Crypto’03, Desmedt suggested the problem of generalizing the designated verifier signatures. In this case, a signature should be intended to a spe...
متن کاملNew Paradigms in Signature Schemes
Digital signatures provide authenticity and nonrepudiation. They are a standard cryptographic primitive with many applications in higher-level protocols. Groups featuring a computable bilinear map are particularly well suited for signature-related primitives. For some signature variants the only construction known uses bilinear maps. Where constructions based on, e.g., RSA are known, bilinear-m...
متن کاملNew Paradigms in Signature Schemes a Dissertation Submitted to the Department of Computer Science and the Committee on Graduate Studies of Stanford University in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy
Digital signatures provide authenticity and nonrepudiation. They are a standard cryptographic primitive with many applications in higher-level protocols. Groups featuring a computable bilinear map are particularly well suited for signature-related primitives. For some signature variants the only construction known uses bilinear maps. Where constructions based on, e.g., RSA are known, bilinear-m...
متن کاملConvertible limited (multi-) verifier signature: new constructions and applications
A convertible limited (multi-) verifier signature (CL(M)VS) provides controlled verifiability and preserves the privacy of the signer. Furthermore, limited verifier(s) can designate the signature to a third party or convert it into a publicly verifiable signature upon necessity. In this proposal, we first present a generic construction of convertible limited verifier signature (CLVS) into which...
متن کاملGeneric constructions for universal designated-verifier signatures and identitybased signatures from standard signatures
We give a generic construction for universal designated-verifier signature schemes from a large class, C, of signature schemes. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. We also ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004