Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

Generic constructions for universal designated-verifier signatures and identity-based signatures from standard signatures

Generic constructions for universal designated-verifier signatures and identity-based signatures from standard signatures

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Add to cart
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)
Add to cart

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

  • Author(s): S.F. Shahandashti 1  and  R. Safavi-Naini 2
    • View affiliations
    • Affiliations: 1: School of Computer Science and Software Engineering (SCSSE) and Centre for Computer and Information Security Research (CCISR), University of Wollongong, Wollongong, Australia
      2: Department of Computer Science and icore Information Security Lab (iCIS), University of Calgary, Calgary, Canada
  • Source: Volume 3, Issue 4, December 2009, p. 152 – 176
    DOI:  10.1049/iet-ifs.2009.0036 , Print ISSN 1751-8709, Online ISSN 1751-8717
© The Institution of Engineering and Technology
Published

The authors give a generic construction for universal (mutli) designated-verifier signature schemes from a large class of signature schemes, referred to as Class ℂ. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. The authors also propose a generic construction for (hierarchical) identity-based signature schemes from any signature scheme in ℂ and prove that the construction is secure against adaptive chosen message and identity attacks. The authors discuss possible extensions of our constructions to identity-based ring signatures and identity-based designated-verifier signatures from any signature in ℂ. Finally, the authors show that it is possible to combine the above constructions to obtain signatures with combined functionalities.

Inspec keywords: digital signatures; cryptography

Other keywords: message attack; universal designated-verifier signature; cryptography; identity-based ring signature; generic construction; identity attack

Subjects: Cryptography theory; Cryptography; Data security

References

    1. 1)
      • Bellare, M., Rogaway, P.: `The exact security of digital signatures – how to sign with RSA and rabin', EUROCRYPT'96, 1996, p. 399–416.
    2. 2)
      • Balfanz, D., Durfee, G., Shankar, N., Smetters, D.K., Staddon, J., Wong, H.C.: `Secret handshakes from pairing-based key agreements', IEEE Symp. on Security and Privacy (IEEES&P'03), 2003, IEEE Computer Society, p. 180–196.
    3. 3)
      • Susilo, W., Zhang, F., Mu, Y.: `Identity-based strong designated verifier signature schemes', ACISP'04, 2004, p. 313–324, (LNCS, 3108).
    4. 4)
      • Rivest, R.L., Shamir, A., Tauman, Y.: `How to leak a secret', ASIACRYPT, 2001, p. 552–565, (LNCS, 2248).
    5. 5)
      • Goldwasser, S., Waisbard, E.: `Transformation of digital signature schemes into designated confirmer signature schemes', TCC'04, 2004, p. 77–100, (LNCS, 2951).
    6. 6)
      • T. Elgamal . A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory , 4 , 469 - 472
    7. 7)
      • Jakobsson, M., Sako, K., Impagliazzo, R.: `Designated verifier proofs and their applications', EUROCRYPT'96, 1996, p. 143–154.
    8. 8)
      • Waters, B.: `Efficient identity-based encryption without random oracles', EUROCRYPT'05, 2005, p. 114–127, (LNCS, 3494).
    9. 9)
      • N. Asokan , V. Shoup , M. Waidner . Optimistic fair exchange of digital signatures. IEEE J. Sel. Areas Commun. , 4 , 593 - 610
    10. 10)
      • Zhang, R., Furukawa, J., Imai, H.: `Short signature and universal designated verifier signature without random oracles', ACNS'05, 2005, p. 483–498, (LNCS, 3531).
    11. 11)
      • Galindo, D., Herranz, J., Kiltz, E.: `On the generic construction of identity-based signatures with additional properties', ASIACRYPT'06, 2006, p. 178–193, (LNCS, 4284).
    12. 12)
      • Steinfeld, R., Wang, H., Pieprzyk, J.: `Efficient extension of standard Schnorr/RSA signatures into universal designated-verifier signatures', Public Key Cryptography (PKC'04), 2004, p. 86–100, (LNCS, 2947).
    13. 13)
      • Holt, J.E., Bradshaw, R.W., Seamons, K.E., Orman, H.K.: `Hidden credentials', WPES'03, ACM, 2003, p. 1–8.
    14. 14)
      • Steinfeld, R., Bull, L., Wang, H., Pieprzyk, J.: `Universal designated-verifier signatures', ASIACRYPT'03, 2003, p. 523–542, (LNCS, 2894).
    15. 15)
      • Gentry, C., Silverberg, A.: `Hierarchical ID-based cryptography', ASIACRYPT'02, 2002, p. 548–566, (LNCS, 2501).
    16. 16)
      • D. Pointcheval , J. Stern . Security arguments for digital signatures and blind signatures. J Cryptol. , 3 , 361 - 396
    17. 17)
      • K.G. Paterson . ID-based signatures from pairings on elliptic curves. Electron. Lett. , 18 , 1025 - 1026
    18. 18)
      • Catalano, D., Dodis, Y., Visconti, I.: `Mercurial commitments: minimal assumptions and efficient constructions', TCC'06, 2006, p. 120–144, (LNCS, 3876).
    19. 19)
      • Huang, Z., Chen, K., Wang, Y.: `Efficient identity-based signatures and blind signatures', CANS'05, 2005, p. 120–133, (LNCS, 3810).
    20. 20)
      • Fiat, A., Shamir, A.: `How to prove yourself: practical solutions to identification and signature problems', CRYPTO'86, 1986, p. 186–194, (LNCS, 263).
    21. 21)
      • Vergnaud, D.: `New extensions of pairing-based signatures into universal designated verifier signatures', ICALP'06 (2), 2006, p. 58–69, (LNCS, 4052).
    22. 22)
      • Shamir, A.: `Identity-based cryptosystems and signature schemes', CRYPTO'84, 1984, p. 47–53.
    23. 23)
      • Paterson, K.G., Schuldt, J.C.N.: `Efficient identity-based signatures secure in the standard model', ACISP'06, 2006, p. 207–222, (LNCS, 4058).
    24. 24)
      • Zhang, F., Susilo, W., Mu, Y., Chen, X.: `Identity-based universal designated verifier signatures', EUC'05 Workshops, 2005, p. 825–834, (LNCS, 3823).
    25. 25)
      • Cha, J.C., Cheon, J.H.: `An identity-based signature from gap Diffie–Hellman groups', Public Key Cryptography (PKC'03), 2003, p. 18–30, (LNCS, 2567).
    26. 26)
      • X. Yi . An identity-based signature scheme from the Weil pairing. Commun. Lett., IEEE , 2 , 76 - 78
    27. 27)
      • Boneh, D., Boyen, X.: `Short signatures without random oracles', EUROCRYPT'04, 2004, p. 56–73, (LNCS, 3027).
    28. 28)
      • Laguillaumie, F., Libert, B., Quisquater, J.J.: `Universal designated verifier signatures without random oracles or non-black box assumptions', SCN'06, 2006, p. 63–77, (LNCS, 4116).
    29. 29)
      • Boneh, D., Franklin, M.K.: `Identity-based encryption from the Weil pairing', CRYPTO'01, 2001, p. 213–229, (LNCS, 2139).
    30. 30)
      • Benaloh, J.C., Tuinstra, D.: `Receipt-free secret-ballot elections', STOC'94, 1994, p. 544–553.
    31. 31)
      • Cramer, R., Damgård, I., Schoenmakers, B.: `Proofs of partial knowledge and simplified design of witness hiding protocols', CRYPTO'94, 1994, p. 174–187, (LNCS, 839).
    32. 32)
      • Bellare, M., Rogaway, P.: `Random oracles are practical: a paradigm for designing efficient protocols', ACM Conf. Computer and Communications Security (ACMCCS'93), ACM, 1993, p. 62–73.
    33. 33)
      • Gennaro, R., Halevi, S., Rabin, T.: `Secure hash-and-sign signatures without the random oracle', EUROCRYPT'99, 1999, p. 123–139.
    34. 34)
      • Rabin, M.O.: `Digitalized signatures and public-key functions as intractable as factorization', Report no. MIT/LCS/TR-212, 1979.
    35. 35)
      • Bellare, M., Neven, G.: `Multi-signatures in the plain public-key model and a general forking lemma', ACM Conf. on Computer and Communications Security (ACMCCS'06), ACM, 2006, p. 390–399.
    36. 36)
      • Guillou, L.C., Quisquater, J.J.: `A “Paradoxical” indentity-based signature scheme resulting from zero-knowledge', CRYPTO'88, 1988, p. 216–231, (LNCS, 403).
    37. 37)
      • Huang, X., Susilo, W., Mu, Y., Wu, W.: `Universal designated verifier signature without delegatability', ICICS'06, 2006, p. 479–498, (LNCS, 4307).
    38. 38)
      • Bellare, M., Goldreich, O.: `On defining proofs of knowledge', CRYPTO'92, 1992, p. 390–420, (LNCS, 740).
    39. 39)
      • Li, Y., Lipmaa, H., Pei, D.: `On delegatability of four designated verifier signatures', ICICS'05, 2005, p. 61–71, (LNCS, 3783).
    40. 40)
      • Sakai, R., Ohgishi, K., Kasahara, M.: `Cryptosystems based on pairing', Symp. on Cryptography and Information Security (SCIS), January 2000, p. 26–28.
    41. 41)
      • Lipmaa, H., Wang, G., Bao, F.: `Designated verifier signature schemes: attacks, new security notions and a new construction', ICALP'05, 2005, p. 459–471, (LNCS, 3580).
    42. 42)
      • Ng, C.Y., Susilo, W., Mu, Y.: `Universal designated multi verifier signature schemes', ICPADS'05 (2), 2005, IEEE Computer Society, p. 305–309.
    43. 43)
      • Zhang, F., Safavi-Naini, R., Susilo, W.: `An efficient signature scheme from bilinear pairings and its applications', Public Key Cryptography (PKC'04), 2004, p. 277–290, (LNCS, 2947).
    44. 44)
      • R. Cramer , V. Shoup . Signature schemes based on the strong RSA assumption. ACM Trans. Inf. Syst. Secur. , 3 , 161 - 185
    45. 45)
      • F. Cao , Z. Cao . An identity based universal designated verifier signature scheme secure in the standard model. J. Syst. Software , 4 , 643 - 649
    46. 46)
      • C.P. Schnorr . Efficient signature generation by smart cards. J Cryptol. , 3 , 161 - 174
    47. 47)
      • Camenisch, J., Damgård, I.: `Verifiable encryption, group encryption, and their applications to separable group signatures and signature sharing schemes', ASIACRYPT'00, 2000, p. 331–345, (LNCS, 1976).
    48. 48)
      • Shahandashti, S.F., Safavi-Naini, R.: `Construction of universal designated-verifier signatures and identity-based signatures from standard signatures', Public Key Cryptography (PKC'08), 2008, p. 121–140, (LNCS, 4939).
    49. 49)
      • Camenisch, J., Stadler, M.: `Efficient group signature schemes for large groups (extended abstract)', CRYPTO'97, 1997, p. 410–424, (LNCS, 1294).
    50. 50)
      • Bellare, M., Namprempre, C., Neven, G.: `Security proofs for identity-based identification and signature schemes', EUROCRYPT'04, 2004, p. 268–286, (LNCS, 3027).
    51. 51)
      • W. Diffie , M.E. Hellman . New directions in cryptography. IEEE Trans. Inf. Theory , 6 , 644 - 654
    52. 52)
      • Barreto, P.S.L.M., Libert, B., McCullagh, N., Quisquater, J.J.: `Efficient and provably-secure identity-based signatures and signcryption from bilinear maps', ASIACRYPT'05, 2005, p. 515–532, (LNCS, 3788).
    53. 53)
      • Shailaja, G., Kumar, K.P., Saxena, A.: `Universal designated multi verifier signature without random oracles', ICIT'06, 2006, IEEE Computer Society, p. 168–171.
    54. 54)
      • Garay, J.A., Jakobsson, M., MacKenzie, P.D.: `Abuse-free optimistic contract signing', CRYPTO'99, 1999, p. 449–466, (LNCS, 1666).
    55. 55)
      • Bellare, M., Palacio, A.: `GQ and Schnorr identification schemes: proofs of security against impersonation under active and concurrent attacks', CRYPTO'02, 2002, p. 162–177, (LNCS, 2442).
    56. 56)
      • Camenisch, J., Lysyanskaya, A.: `Signature schemes and anonymous credentials from bilinear maps', CRYPTO'04, 2004, p. 56–72, (LNCS, 3152).
    57. 57)
      • Camenisch, J., Lysyanskaya, A.: `A signature scheme with efficient protocols', SCN'02, 2002, p. 268–289, (LNCS, 2576).
    58. 58)
      • J.A. Garay , P.D. MacKenzie , K. Yang . Strengthening zero-knowledge protocols using signatures. J. Cryptol. , 2 , 169 - 209
    59. 59)
      • U. Feige , A. Fiat , A. Shamir . Zero-knowledge proofs of identity. J Cryptol. , 2 , 77 - 94
    60. 60)
      • Laguillaumie, F., Vergnaud, D.: `Designated verifier signatures: anonymity and efficient construction from any bilinear map', SCN'04, 2004, p. 105–119, (LNCS, 3352).
    61. 61)
      • S. Goldwasser , S. Micali , R. Rivest . A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. , 2 , 281 - 308
    62. 62)
      • Laguillaumie, F., Vergnaud, D.: `Multi-designated verifiers signatures', ICICS'04, 2004, p. 495–507, (LNCS, 3269).
    63. 63)
      • D. Vergnaud . New extensions of pairing-based signatures into universal (multi) designated verifier signatures.
    64. 64)
      • Hess, F.: `Efficient identity based signature schemes based on pairings', Selected Areas in Cryptography (SAC'02), 2002, p. 310–324, (LNCS, 2595).
    65. 65)
      • Okamoto, T.: `Provably secure and practical identification schemes and corresponding signature schemes', CRYPTO'92, 1992, p. 31–53, (LNCS, 740).
    66. 66)
      • S. Goldwasser , S. Micali , C. Rackoff . The knowledge complexity of interactive proof systems. SIAM J. Comput. , 1 , 186 - 208
    67. 67)
      • Boneh, D., Lynn, B., Shacham, H.: `Short signatures from the Weil pairing', ASIACRYPT'01, 2001, p. 514–532, (LNCS, 2248).
    68. 68)
      • Tso, R., González Nieto, J., Okamoto, T., Boyd, C., Okamoto, E.: `Verifier-key-flexible universal designated-verifier signatures', IMA International Conference, 2007, p. 403–421, (LNCS, 4887).
    69. 69)
      • X. Huang , W. Susilo , Y. Mu , W. Wu . Secure universal designated verifier signature without random oracles. Int. J. Inf. Sec. , 3 , 171 - 183
    70. 70)
      • Kurosawa, K., Heng, S.H.: `From digital signature to ID-based identification/signature', Public Key Cryptography (PKC'04), 2004, p. 248–261, (LNCS, 2947).
    71. 71)
      • Zhang, F., Kim, K.: `ID-based blind signature and ring signature from pairings', ASIACRYPT'02, 2002, p. 533–547, (LNCS, 2501).
    72. 72)
      • R.L. Rivest , A. Shamir , L. Adleman . A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM , 2 , 120 - 126
    73. 73)
      • Cramer, R., Damgård, I., MacKenzie, P.D.: `Efficient zero-knowledge proofs of knowledge without intractability assumptions', Public Key Cryptography (PKC'00), 2000, p. 354–372, (LNCS, 1751).
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2009.0036
Loading

Related content

content/journals/10.1049/iet-ifs.2009.0036
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
Print this page
This is a required field
Please enter a valid email address