On the complexity of blind signatures

نویسنده

  • Dominique Schröder
چکیده

Blind signature schemes provide the functionality of a carbon copy envelope: The user (receiver) puts his message into this envelope and hands it over to the signer (sender). The signer in return signs the envelope and gives it back to the user who recovers the original signed message out of the envelope. Security says that the signer remains oblivious about the message (blindness), but at the same time the receiver cannot output any additional message/signature pair (unforgeability). Classical applications of blind signatures include e-cash and e-voting. Blind signature schemes are an important cryptographic primitive and many constructions have been proposed in the literature. These instantiations differ mainly in round complexity, underlying computational assumptions, and the model in which the proof of security is given. However, the minimal requirements for blind signatures in terms of round complexity and computational assumptions without assuming setup assumptions are unknown. This thesis addresses both of these questions. For the study of the round complexity, this thesis investigates the possibility of proving the security of a more general class of three-move blind signature schemes. We show that finding security proofs for these schemes via black-box reductions in the standard model is hard. Characteristic for this class is that it is publicly decidable from the transcript if the user can derive a valid signature, or not. Regarding the computational assumptions, this thesis first shows that the class of unique blind signature schemes can be used to build oblivious transfer protocols in a blackbox way. These blind signature schemes have at most one signature per message and public key. It is well known that oblivious transfer cannot be constructed from oneway functions in a black-box fashion. Thus, this result also holds for (regular) blind signature schemes. Moreover, this thesis rules out black-box constructions of blind signature schemes from one-way functions. In fact, this thesis rules out constructions from a random permutation oracle. This separation holds even for schemes signing 1-bit messages that achieve security only against honest-but-curious behavior.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Investigation of blind massive sulphide deposit signatures in the calcrete layers as a geochemical barrier: A case study of Areachap, Kantienpan and Copperton deposits

The trace element contents on the surface originated from mineralization would depend to the thickness of the calcrete layer above the ore deposit on the surface. A very thick layer of calcrete may not allow for much dispersion of the elements of interest in the surface. These elements may be concentrated in non-magnetic and magnetic part of calcrete. Based on the current research, mineralogica...

متن کامل

Practical Round-Optimal Blind Signatures in the Standard Model

Round-optimal blind signatures are notoriously hard to construct in the standard model, especially in the malicious-signer model, where blindness must hold under adversarially chosen keys. This is substantiated by several impossibility results. The only construction that can be termed theoretically efficient, by Garg and Gupta (Eurocrypt’14), requires complexity leveraging, inducing an exponent...

متن کامل

Security of Blind Digital

Blind digital signatures were introduced by Chaum. In this paper, we show how security and blindness properties for blind digital signatures, can be simultaneously deened and satissed, assuming an arbitrary one-way trapdoor permutation family. Thus, this paper presents the rst complexity-based proof of security for blind signatures.

متن کامل

Compact Round-Optimal Partially-Blind Signatures

Partially-blind signatures find many applications in the area of anonymity, such as in e-cash or e-voting systems. They extend classical blind signatures, with a signed message composed of two parts: a public one (common to the user and the signer) and a private one (chosen by the user, and blindly signed). The signer cannot link later the message-signature to the initial interaction with the u...

متن کامل

Security of Blind Digital Signatures (Extended Abstract)

Blind digital signatures were introduced by Chaum. In this paper, we show how security and blindness properties for blind digital signatures, can be simultaneously de ned and satis ed, assuming an arbitrary one-way trapdoor permutation family. Thus, this paper presents the rst complexity-based proof of security for blind signatures.

متن کامل

Security of Blind Digital Signatures

Blind digital signatures were introduced by Chaum. In this paper, we show how security and blindness properties for blind digital signatures, can be simultaneously defined and satisfied in the common reference string model, assuming an arbitrary one-way trapdoor permutation family. Thus, this paper presents the first complexity-based proof of security for blind signatures.

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2010