New Blind Signatures Equivalent to Factorization

In this paper, we present new blind signature schemes based on the factorization problem. They are the first blind signature schemes proved secure relative to factorization. By security, we mean that no “one-more forgery” is possible, even under a parallel attack. In other words, a user who receives k electronic coins cannot manufacture k + 1. These security definitions were introduced by Pointcheval and Stern [18] for use in electronic cash. In fact, blind signatures were defined with this aim, and electronic cash is still their most important application, together with anonymous voting. In the following, we present an efficient reduction of an attack to a factorization algorithm in the random oracle model [1].

[1] Victor Shoup. On the Security of a Practical Identification Scheme, 1996, EUROCRYPT.

[2] Niels Ferguson, et al. Extensions of Single-term Coins, 1993, CRYPTO.

[3] Tatsuaki Okamoto, et al. Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes, 1992, CRYPTO.

[4] Mihir Bellare, et al. Random oracles are practical: a paradigm for designing efficient protocols, 1993, CCS '93.

[5] David Chaum, et al. Blind Signatures for Untraceable Payments, 1982, CRYPTO.

[6] Stefan A. Brands. A note on parallel executions of restrictive blind issuing protocols for secret-key certificates, 1995.

[7] Stefan A. Brands, et al. An Efficient Off-line Electronic Cash System Based On The Representation Problem, 1993.

[8] Amos Fiat, et al. How to Prove Yourself: Practical Solutions to Identification and Signature Problems, 1986, CRYPTO.

[9] Victor Shoup. On the Security of a Practical Identification Scheme, 1996.

[10] Jean-Jacques Quisquater, et al. A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory, 1988, EUROCRYPT.

[11] C. P. Schnorr, et al. Efficient Identification and Signatures for Smart Cards (Abstract), 1989, EUROCRYPT.

[12] Niels Ferguson, et al. Single Term Off-Line Coins, 1994, EUROCRYPT.

[13] Adi Shamir, et al. A method for obtaining digital signatures and public-key cryptosystems, 1978, CACM.

[14] Stefan A. Brands. Restrictive blind issuing of secret-key certificates in parallel mode, 1995.

[15] Amos Fiat, et al. Untraceable Electronic Cash, 1990, CRYPTO.

[16] Jean-Jacques Quisquater, et al. A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge, 1988, CRYPTO.

[17] S. Brands. Off-line Electronic Cash Based on Secret-key Certificates, 1995.

[18] Stefan Brands, et al. Untraceable Off-line Cash in Wallets with Observers, 1993.

[19] Stefan Brands, et al. Off-Line Electronic Cash Based on Secret-Key Certificates, 1995, LATIN.

[20] Stefan Brands, et al. Restrictive Blinding of Secret-Key Certificates, 1995, EUROCRYPT.

[21] Claus-Peter Schnorr, et al. Fast Signature Generation With a Fiat Shamir-Like Scheme, 1991, EUROCRYPT.

[22] Claus-Peter Schnorr. Efficient Identification and Signatures for Smart-Cards, 1990, CRYPTO 1990.

[23] Jacques Stern, et al. Provably Secure Blind Signature Schemes, 1996, ASIACRYPT.

[24] Adi Shamir, et al. Witness indistinguishable and witness hiding protocols, 1990, STOC '90.

[25] Jacques Stern, et al. Security Proofs for Signature Schemes, 1996, EUROCRYPT.

[26] Berry Schoenmakers. An efficient electronic payment system withstanding parallel attacks, 1995.