Most electronic cash systems in the literature have been developed in the single bank model in which clients and merchants have accounts at the same bank. In the real world, electronic cash may be issued by a large group of banks, monitored by the Central Bank. Thus not only client anonymity but also bank anonymity should be considered to simulate anonymity of real money. Because anonymity coul...

This article presents an efficient divisible blind signature scheme that makes it possible to divide a blind signature with a specified value into a sequence of subsignatures with smaller values for a sequence of different designated verifications. In the proposed scheme every signature can be divided into subsignatures with arbitrary positive values as long as the total value of them is equal ...

Verifiably encrypted signatures are used when Alice wants to sign a message for Bob but does not want Bob to possess her signature on the message until a later date. Such signatures are used in optimistic contact signing to provide fair exchange. Partially blind signature schemes are an extension of blind signature schemes that allows a signer to sign a partially blinded message that include pr...

In this paper, a proxy blind signature scheme based on bilinear pairing is proposed. The proposed proxy blind signature is existential unforgeable under adaptively chosen warrant attacks and chosen message attacks upon the CDH assumptions and DBDH assumptions in the Random Oracle Model. In order to make all levels of banks issue electronic coin, the proxy blind signature scheme is applied to co...

Partially blind signature schemes are the most important ingredient for anonymity in off-line e-cash system. In this paper, a new approach to setup formal security arguments in random oracle model for factorization based partially blind signature schemes is presented. Then a provably secure and efficient scheme based on quadratic residue is proposed. The approach also allows one to give formal ...

In 2003, Hwang et al. proposed a new blind signature based on the RSA cryptosystem by employing Extended Euclidean algorithm. They claimed that the proposed scheme was untraceable and it could meet all requirements of a blind signature. In 2004, Chang and Chang indicated that the signer in Hwang et al.’ scheme could trace the blind signature applicant in some cases. However, the authors find th...

Multivariate Cryptography is one of the main candidates for creating post-quantum cryptosystems. Especially in the area of digital signatures, there exist many practical and secure multivariate schemes. However, there is a lack of multivariate signature schemes with special properties such as blind, ring and group signatures. In this paper, we propose a technique to transform the Rainbow multiv...

Blind signatures, introduced by Chaum, allow a user to obtain a signature on a message without revealing any thing about the message to the signer. Blind signatures play an important role in plenty of applications such as e-voting, e-cash system where anonymity is of great concern. Identity based(ID-based) public key cryptography can be a good alternative for certificate based public key settin...

We present a method for blind certifying end-users' public keys and its application in offline electronic cash. A blind certificate of a public key is similar to an ordinary public-key certificate, however the identity of the certificate holder is concealed under the key certified. A digital signature supported by a blind certificate can be verified without identifying the signer. The technique...

We study the design of practical blind signatures in the universal composability (UC) setting against adaptive adversaries. We introduce a new property for blind signature schemes that is fundamental for managing adaptive adversaries: an equivocal blind signature is a blind signature protocol where a simulator can construct the internal state of the client so that it matches a simulated transcr...