Access the full text.
Sign up today, get DeepDyve free for 14 days.
D. Boneh, Xavier Boyen, Eu-Jin Goh (2005)
Hierarchical Identity Based Encryption with Constant Size Ciphertext
V. Shoup (1997)
Lower Bounds for Discrete Logarithms and Related Problems
D. Chaum (1994)
Designated Confirmer Signatures
S sets σ 1 to V r x 1 r , σ 2 to y r 1 , and σ 3 to U r , where r, r ∈ R Z p , and sets the return value of the random oracle query H(my 1 y B ) to g r
Guilin Wang, F. Bao (2007)
Security Remarks on a Convertible Nominative Signature Scheme
Dennis Liu, D. Wong, Xinyi Huang, Guilin Wang, Qiong Huang, Y. Mu, W. Susilo (2007)
Nominative Signature: Application, Security Model and ConstructionIACR Cryptol. ePrint Arch., 2007
D. Boneh, M. Franklin (2001)
Identity-Based Encryption from the Weil PairingSIAM J. Comput., 32
K. Kurosawa, Swee-Huay Heng (2005)
3-Move Undeniable Signature Scheme
U. Feige, A. Shamir (1990)
Witness indistinguishable and witness hiding protocols
M. Bellare, P. Rogaway (1993)
Random oracles are practical: a paradigm for designing efficient protocols
If role = nil, SigGen is simulated accordingly except in the following two sub-cases: @BULLET If B is the nominator (i.e. y 1 = y B ), S sets s to U r where r
Ron Steinfeld, Laurence Bull, Huaxiong Wang, J. Pieprzyk (2003)
Universal Designated-Verifier SignaturesIACR Cryptol. ePrint Arch., 2003
If H(my 1 y B ) is queried or SignTranscript is queried on (m, y 1 , y B ), D W DDH will set H(my 1 y B ) to g r where r ∈ R Z p and set σ 1 to U r x 1 r , σ 2 to y r 1 , σ 3 to T r and σ 4 to g r
D. Chaum, Eugène Heijst, B. Pfitzmann (1991)
Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer
Zhenjie Huang, Yumin Wang (2004)
Convertible Nominative Signatures
W. Susilo, Y. Mu (2005)
On the Security of Nominative Signatures
M. Jakobsson, Kazue Sako, R. Impagliazzo (1996)
Designated Verifier Proofs and Their Applications
If role = nominee, there is one special case needs to be handled. If B is the nominator, S sets s to U r as in the first sub-case in Case (1) above
Lifeng Guo, Guilin Wang, D. Wong, L. Hu (2007)
Further Discussions on the Security of a Nominative Signature SchemeIACR Cryptol. ePrint Arch., 2006
Dennis Liu, Shuang Chang, D. Wong (2007)
A More Efficient Convertible Nominative Signature
Gerrit Bleumer (2005)
Undeniable Signatures
A signer in a Nominative Signature (NS) scheme can arbitrarily choose a nominee, then jointly generate a signature in such a way that the signature can only be verified with the nominee's consent. NS is particularly useful in user certification systems. Currently, the only secure NS scheme available requires multiround communications between the nominator and the nominee during signature generation. This implies that an NS-based user certification system requires a certification issuer to interact with a user using a complicated multiround protocol for certificate issuance. It remains an open problem to construct an efficient and non-interactive NS scheme. In this article, we solve this problem by proposing the first efficient one-move (i.e. non-interactive) NS scheme. In addition, we propose an enhanced security requirement called Strong Invisibility, and prove that our scheme satisfies this strong security requirement.
International Journal of Applied Cryptography – Inderscience Publishers
Published: Jan 1, 2008
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.