Universal Designated Verifier Signature Proof (or How to Efficiently Prove Knowledge of a Signature)
نویسندگان
چکیده
Proving knowledge of a signature has many interesting applications. As one of them, the Universal Designated Verifier Signature (UDVS), introduced by Steinfeld et al. in Asiacrypt 2003 aims to protect a signature holder’s privacy by allowing him to convince a verifier that he holds a valid signature from the signer without revealing the signature itself. The essence of the UDVS is a transformation from a publicly verifiable signature to a designated verifier signature, which is performed by the signature holder who does not have access to the signer’s secret key. However, one significant inconvenience of all the previous UDVS schemes considered in the literature is that they require the designated verifier to create a public key using the signer’s public key parameter and have it certified to ensure the resulting public key is compatible with the setting that the signer provided. This restriction is unrealistic in several situations where the verifier is not willing to go through such setup process. In this paper, we resolve this problem by introducing a new type of UDVS. Different from previous approach to UDVS, our new UDVS solution, which we call “Universal Designated Verifier Signature Proof (UDVSP)”, employs an interactive protocol between the signature holder and the verifier while maintaining high level of efficiency. We provide a formal model and security notions for UDVSP and give two constructions based on the bilinear pairings. We prove that the first construction is secure in the random oracle model and so is the second one in the standard model. Disciplines Physical Sciences and Mathematics Publication Details Baek, J., Safavi-Naini, R. & Susilo, W. (2005). Universal Designated Verifier Signature proof (or how to efficiently prove knowledge of a signature). In B. Roy (Eds.), International Conference on the Theory and Application of Cryptology and Information Security (pp. 644-661). Germany: Springer. This conference paper is available at Research Online: http://ro.uow.edu.au/infopapers/2796 Universal Designated Verifier Signature Proof (or How to Efficiently Prove Knowledge of a
منابع مشابه
Convertible limited (multi-) verifier signature: new constructions and applications
A convertible limited (multi-) verifier signature (CL(M)VS) provides controlled verifiability and preserves the privacy of the signer. Furthermore, limited verifier(s) can designate the signature to a third party or convert it into a publicly verifiable signature upon necessity. In this proposal, we first present a generic construction of convertible limited verifier signature (CLVS) into which...
متن کاملOn the Soundness of Restricted Universal Designated Verifier Signatures and Dedicated Signatures
In 2006, Huang, Susilo, Mu and Zhang proposed the concept of restricted universal designated verifier signatures while Klonowski, Kubiak, Kutylowski and Lauks proposed independently the dual primitive of dedicated signatures. In both notions, a signature holder can convince one or more verifiers of his knowledge of a digital signature, but cannot exploit this knowledge without being punished fo...
متن کاملUniversal designated verifier transitive signatures for graph-based big data
In this paper, we propose a new type of digital signatures which is specifically designed for graph-based big data system. The properties of the proposed signatures are twofold. On one side it possesses the features of transitive signatures: One can sign a graph in such a way that, given two signatures on adjacent edges ði; jÞ and ðj; kÞ, anyone with public information can compute a signature o...
متن کاملEfficient Extension of Standard Schnorr/RSA Signatures into Universal Designated-Verifier Signatures
Universal Designated-Verifier Signature (UDVS) schemes are digital signature schemes with ad-ditional functionality which allows any holder of a signature to designate the signature to any desireddesignated-verifier such that the designated-verifier can verify that the message was signed by thesigner, but is unable to convince anyone else of this fact.Since UDVS schemes reduce t...
متن کاملGeneric constructions for universal designated-verifier signatures and identitybased signatures from standard signatures
We give a generic construction for universal designated-verifier signature schemes from a large class, C, of signature schemes. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. We also ...
متن کامل