Concurrent Signatures
نویسندگان
چکیده
We introduce the concept of concurrent signatures. These allow two entities to produce two signatures in such a way that, from the point of view of any third party, both signatures are ambiguous with respect to the identity of the signing party until an extra piece of information (the keystone) is released by one of the parties. Upon release of the keystone, both signatures become binding to their true signers concurrently. Concurrent signatures fall just short of providing a full solution to the problem of fair exchange of signatures, but we discuss some applications in which concurrent signatures suffice. Concurrent signatures are highly efficient and require neither a trusted arbitrator nor a high degree of interaction between parties. We provide a model of security for concurrent signatures, and a concrete scheme which we prove secure in the random oracle model under the discrete logarithm assumption.
منابع مشابه
Asymmetric Concurrent Signatures
The concept of concurrent signatures allows two entities to produce two signatures in such a way that, the signer of each signature is ambiguous from a third party’s point of view until the release of a secret, known as the keystone. Once the keystone is released, both signatures become binding to their respective signers concurrently. Previous concurrent signature schemes use the concept of ri...
متن کاملThe Fairness of Perfect Concurrent Signatures
In Eurocrypt 2004, Chen, Kudla and Paterson introduced the concept of concurrent signatures, which allow two parties to produce two ambiguous signatures until the initial signer releases an extra piece of information (called keystone). Once the keystone is publicly known, both signatures are bound to their true signers concurrently. In ICICS 2004, Susilo, Mu and Zhang further proposed perfect c...
متن کاملGeneric Construction of (Identity-Based) Perfect Concurrent Signatures
The notion of concurrent signatures was recently introduced by Chen, Kudla and Paterson. In concurrent signature schemes, two entities can produce two signatures that are not binding, until one of the parties releases an extra piece of information (namely the keystone). Subsequently, it was noted that the concurrent signature scheme proposed in the seminal paper cannot provide perfect ambiguity...
متن کاملAnalysis and Improvements of Two Identity-Based Perfect Concurrent Signature Schemes
The notion of concurrent signatures was introduced by Chen, Kudla and Paterson in their seminal paper in Eurocrypt 2004. In concurrent signature schemes, two entities can produce two signatures that are not binding, until an extra piece of information (namely the keystone) is released by one of the parties. Upon release of the keystone, both signatures become binding to their true signers concu...
متن کاملA provably secure code-based concurrent signature scheme
Concurrent signatures allow two entities to generate two signatures in such a way that both signatures are ambiguous till some information is revealed by one of the parties. This kind of signature is useful in auction protocols and a wide range of scenarios in which involving participants are mutually distrustful. In this paper, to have quantum-attack-resistant concurrent signatures as recommen...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004