A strong designated verifier signature (SDVS) scheme only allows a designated verifier to validate signer’s signatures for ensuring confidentiality. At the same time, the designated verifier can not transfer the signature to any third party, since he can also generate another computationally indistinguishable SDVS, which is referred to as non-transferability. A proxy signature scheme is a speci...

Proxy blind signature is a combination 0f both the properties of proxy signature and blind signature scheme. This scheme is useful in many applications like e-voting, e-payment and mobile agent environments. This paper presents a new proxy blind signature scheme based on discrete logarithm problem(DLP), which satisfies the secure properties of both the blind signature scheme and the proxy signa...

We propose a robust proactive threshold signature scheme, a multisignature scheme and a blind signature scheme which work in any Gap Diffie-Hellman (GDH) group (where the Computational DiffieHellman problem is hard but the Decisional Diffie-Hellman problem is easy). Our constructions are based on the recently proposed GDH signature scheme of Boneh et al. [8]. Due to the instrumental structure o...

Chameleon signatures simultaneously provide the properties of nonrepudiation and non-transferability for the signed message. However, the initial constructions of chameleon signatures suffer from the problem of key exposure. This creates a strong disincentive for the recipient to forge signatures, partially undermining the concept of non-transferability. Recently, some specific constructions of...

Article history: Received 8 April 2010 Received in revised form 18 March 2011 Accepted 28 March 2011 Available online 6 May 2011 0045-7906/$ see front matter 2011 Elsevier Ltd doi:10.1016/j.compeleceng.2011.03.011 q Reviews processed and approved for publication ⇑ Corresponding author. E-mail address: [email protected] (X. Chen). Chameleon signatures simultaneously provide the properties of ...

A major security goal for signature schemes is to prevent an adversary from producing new valid signatures even though he can receive valid signatures of any messages from the legitimate signer. On the one hand the security of elliptic curve signature schemes, as ECDSA, ECGDSA, or ECKCDSA, is based on the elliptic curve discrete logarithm problem, respectively on the security of the used hash f...

This paper proposes a new ecient signature scheme from bilinear maps that is secure in the standard model (i.e., without the random oracle model). Our signature scheme is more eective in many applications (e.g., blind signatures, group signatures, anonymous credentials etc.) than the existing secure signature schemes in the standard model. As typical applications of our signature scheme, this p...

Limited distribution notes: This report has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher its distribution outside the University of Technology Chemnitz-Zwickau prior to publication should be limited to peer communications and speciic requests. After outside publication, requests should be lled only by rep...

In this paper we discuss protocols that allow a user to subscribe to an electronic service, and then anonymously access the service. That is, the provider does not know who accesses the service at any time, and moreover he cannot link two accesses to the same person. On the other hand, the supplier obtains proof that the user is authorized to access the service. We formally define the problem, ...

Proxy signature is a signature scheme that an original signer delegates his/her signing capability to a proxy signer, and then the proxy signer creates a signature on behalf of the original signer. In this paper we show various attack scenarios against previous proxy signature schemes, which shows that proxy signature schemes should be designed very carefully. Based on these weaknesses, we prov...