For many proofs of knowledge it is important that only the verifier designated by the confirmer can obtain any conviction of the correctness of the proof. A good example of such a situation is for undeniable signatures, where the confirmer of a signature wants t o make sure that only the intended verifier(s) in fact can be convinced about the validity or inva1idit)y of the signature. Generally,...

In this paper we propose a new designated verifier signature scheme based on the threshold signature scheme presented [9] by Ghodosi and Pieprzyk. The advantages of the new scheme compared with previously proposed solutions are its computational efficiency and its simple and rational design that allows distributed implementations of the computations and suits the needs of both single individual...

While in the ordinary digital signature model one veriier is suucient to check the validity of a given signature, there are situations in which only t out of a group of n veriiers should be able to verify the signatures. These veriiers can either be anonymous, non-anonymous or convertible non-anonymous. So far, only schemes for the anonymous shared veriication signature concept have been sugges...

In a (t, n) designated verifier threshold proxy signature scheme, an original signer can delegate his/her signing power to n proxy signers such that any t or more out of n proxy signers can sign messages on behalf of the original signer but t− 1 or less of the proxy signers cannot generate a valid proxy signature. Of course, the signature is issued for a designated receiver and therefore only t...

In the (t, n) proxy signature scheme, the signature, originally signed by a signer, can be signed by t or more proxy signers out of a proxy group of n members. Recently, an efficient nonrepudiable threshold proxy signature scheme with known signers was proposed by H.-M. Sun. Sun’s scheme has two advantages. One is nonrepudiation. The proxy group cannot deny that having signed the proxy signatur...

The paper addresses the problem of bad signature identification in batch verification of digital signatures. The number of generic tests necessary to identify all bad signatures in a batch instance, is used to measure the efficiency of verifiers. The divide-and-conquer verifier DCVα(x,n) is defined. The verifier identifies all bad signatures in a batch instance x of the length n by repeatedly s...

Artin’s braid groups have been recently suggested as a new source for public-key cryptography. In this paper we first propose the designated verifier group signature scheme based on the conjugacy search problem and the root problem in the braid groups which are believed to be hard problems. Furthermore, our scheme can conceal the message to be signed so that it can be applied to E-voting and ca...

The concept of ring signature was introduced by Rivest, Shamir and Tauman. This signature is considered to be a simplified group signature from which identity of signer is ambiguous although verifier knows the group to which signer belong. In this paper we introduce a new proxy ring signature scheme.

In 2006, Huang, Susilo, Mu and Zhang proposed the concept of restricted universal designated verifier signatures while Klonowski, Kubiak, Kutylowski and Lauks proposed independently the dual primitive of dedicated signatures. In both notions, a signature holder can convince one or more verifiers of his knowledge of a digital signature, but cannot exploit this knowledge without being punished fo...