Efficient Blind and Partially Blind Signatures Without Random Oracles

This paper proposes a new ecient signature scheme from bilinear maps that is secure in the standard model (i.e., without the random oracle model). Our signature scheme is more eective in many applications (e.g., blind signatures, group signatures, anonymous credentials etc.) than the existing secure signature schemes in the standard model such as the Boneh-Boyen [6], Camenisch-Lysyanskaya [10], Cramer-Shoup [15] and Waters [33] schemes (and their variants). The security proof of our scheme requires a slightly stronger assumption, the 2SDH assumption, than the SDH assumption used by Boneh-Boyen. As typical applications of our signature scheme, this paper presents e-cient blind signatures and partially blind signatures that are secure in the standard model. Here, partially blind signatures are a generalization of blind signatures (i.e., blind signatures are a special case of partially blind signatures) and have many applications including electronic cash and voting. Our blind signature scheme is much more ecient t h a n t h e existing secure blind signature schemes in the standard model such as the Camenisch-Koprowski-Warinsch [8] and Juels-Luby-Ostrovsky [22] schemes, and is also almost as ecient as the most ecient blind signature schemes whose security has been analyzed heuristically or in the random oracle model. Our partially blind signature scheme is the rst one that is secure in the standard model and it is very ecient (almost as ecient as our blind signatures). We also present a blind signature scheme based on the Waters signature scheme.