An Attack on Not-interactive Designated Verifier Proofs for Undeniable Signatures
نویسنده
چکیده
At Crypto’89, Chaum and van Antwerpen first introduced the concept of undeniable signatures, which has a special property such that a signature cannot be verified without the signer’s cooperation. In 1996, Jakobsson, Sako, and Impagliazzo proposed a not-interactive undeniable signature scheme by employing a new primitive called designated verifier proofs. However, this paper shows that their scheme is insecure by demonstrating a simple attack that allows a dishonest signer to convince a designated verifier receiving invalid signatures. In addition, two intuitive countermeasures are presented.
منابع مشابه
Non-interactive Designated Verifier Proofs and Undeniable Signatures
Non-interactive designated verifier (NIDV) proofs were first introduced by Jakobsson et al. and have widely been used as confirmation and denial proofs for undeniable signature schemes. There appears to be no formal security modelling for NIDV undeniable signatures or for NIDV proofs in general. Indeed, recent work by Wang has shown the original NIDV undeniable signature scheme of Jakobsson et ...
متن کاملDesignated Verifier Proofs and Their Applications
For many proofs of knowledge it is important that only the verifier designated by the confirmer can obtain any conviction of the correctness of the proof. A good example of such a situation is for undeniable signatures, where the confirmer of a signature wants t o make sure that only the intended verifier(s) in fact can be convinced about the validity or inva1idit)y of the signature. Generally,...
متن کاملUniversal Undeniable Signatures
In this paper, we provide a new approach to study undeniable signatures by translating secure digital signatures to secure undeniable signatures so that the existing algorithms can be used. Our mechanism is that any verifier without trapdoor information cannot distinguish whether a message is encoded from Diffie-Hellamn resource D or random resource R while a signer with trapdoor information ca...
متن کاملSpecial Signature Schemes and Key Agreement Protocols
This thesis is divided into two distinct parts. The first part of the thesis explores various deniable signature schemes and their applications. Such schemes do not bind a unique public key to a message, but rather specify a set of entities that could have created the signature, so each entity involved in the signature can deny having generated it. The main deniable signature schemes we examine...
متن کاملStrong designated verifier signature scheme: new definition and construction
Recently, several strong designated verifier signature schemes have been proposed in the literature. In this paper, we first point out that such so-called strong designated verifier signature scheme is just message authentication code HMAC. Without the key property, unforgeability, for signatures, these schemes cannot enable signers to have complete controls over their signatures as demanded by...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2003 شماره
صفحات -
تاریخ انتشار 2003