On the Soundness of Restricted Universal Designated Verifier Signatures and Dedicated Signatures
نویسندگان
چکیده
In 2006, Huang, Susilo, Mu and Zhang proposed the concept of restricted universal designated verifier signatures while Klonowski, Kubiak, Kutylowski and Lauks proposed independently the dual primitive of dedicated signatures. In both notions, a signature holder can convince one or more verifiers of his knowledge of a digital signature, but cannot exploit this knowledge without being punished for that. In this paper, we state that a signature holder may generically provide a proof that it has a certain signature without being punished and that consequently both primitives cannot fulfill their alleged security goals. To demonstrate the feasibility of this claim, we propose the first non-interactive universal designated verifier proof of the possession of an Elgamal or a DSA signature in the random oracle model. This construction may be of independent interest.
منابع مشابه
Universal designated verifier transitive signatures for graph-based big data
In this paper, we propose a new type of digital signatures which is specifically designed for graph-based big data system. The properties of the proposed signatures are twofold. On one side it possesses the features of transitive signatures: One can sign a graph in such a way that, given two signatures on adjacent edges ði; jÞ and ðj; kÞ, anyone with public information can compute a signature o...
متن کاملGeneric constructions for universal designated-verifier signatures and identitybased signatures from standard signatures
We give a generic construction for universal designated-verifier signature schemes from a large class, C, of signature schemes. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. We also ...
متن کاملConstruction of Universal Designated-Verifier Signatures and Identity-Based Signatures from Standard Signatures
We give a generic construction for universal designated-verifier signature schemes from a large class, C, of signature schemes. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. We also ...
متن کاملVerifier-Key-Flexible Universal Designated-Verifier Signatures
Universal Designated-Verifier Signatures (UDVS) are proposed to protect the privacy of a signature holder. Since UDVS schemes reduce to standard signatures when no verifier designation is performed, from the perspective of a signer, it is natural to ask if a UDVS can be constructed from widely used standardized-signatures so that the existing public key infrastructures for these schemes can be ...
متن کاملNew Extensions of Pairing-Based Signatures into Universal (Multi) Designated Verifier Signatures
The concept of universal designated verifier signatures was introduced by Steinfeld, Bull, Wang and Pieprzyk at Asiacrypt 2003. These signatures can be used as standard publicly verifiable digital signatures but have an additional functionality which allows any holder of a signature to designate the signature to any desired verifier. This designated verifier can check that the message was indee...
متن کامل