Construction of Universal Designated-Verifier Signatures and Identity-Based Signatures from Standard Signatures

We give a generic construction for universal designated-verifier signature schemes from a large class, C, of signature schemes. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. We also propose a generic construction for identity-based signature schemes from any signature scheme in C and prove that the construction is secure against adaptive chosen message and identity attacks. We discuss possible extensions of our constructions to universal multi-designated-verifier signatures, hierarchical identity-based signatures, identity-based universal designated verifier signatures, and identity-based ring signatures from any signature in C.

[1]  Joonsang Baek,et al.  Universal Designated Verifier Signature Proof (or How to Efficiently Prove Knowledge of a Signature) , 2005, ASIACRYPT.

[2]  Chanathip Namprempre,et al.  From Identification to Signatures via the Fiat-Shamir Transform: Minimizing Assumptions for Security and Forward-Security , 2002, EUROCRYPT.

[3]  Yuliang Zheng,et al.  Public key cryptography : third International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2000, Melbourne, Victoria, Australia, January 18-20, 2000 : proceedings , 2000 .

[4]  Silvio Micali,et al.  The Knowledge Complexity of Interactive Proof Systems , 1989, SIAM J. Comput..

[5]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[6]  Yong Li,et al.  On Delegatability of Four Designated Verifier Signatures , 2005, ICICS.

[7]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[8]  Jean-Jacques Quisquater,et al.  A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge , 1988, CRYPTO.

[9]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[10]  Kefei Chen,et al.  Efficient Identity-Based Signatures and Blind Signatures , 2005, CANS.

[11]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[12]  Shafi Goldwasser,et al.  Transformation of Digital Signature Schemes into Designated Confirmer Signature Schemes , 2004, TCC.

[13]  Mihir Bellare,et al.  GQ and Schnorr Identification Schemes: Proofs of Security against Impersonation under Active and Concurrent Attacks , 2002, CRYPTO.

[14]  Mihir Bellare,et al.  On Defining Proofs of Knowledge , 1992, CRYPTO.

[15]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[16]  J. Camenisch,et al.  Proof systems for general statements about discrete logarithms , 1997 .

[17]  Yi Mu,et al.  Restricted Universal Designated Verifier Signature , 2006, UIC.

[18]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[19]  Florian Hess,et al.  Efficient Identity Based Signature Schemes Based on Pairings , 2002, Selected Areas in Cryptography.

[20]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[21]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[22]  Keisuke Tanaka,et al.  Universal Designated-Verifier Signature with Aggregation , 2005, Third International Conference on Information Technology and Applications (ICITA'05).

[23]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[24]  Markus Jakobsson,et al.  Designated Verifier Proofs and Their Applications , 1996, EUROCRYPT.

[25]  Jean-Sébastien Coron,et al.  On the Exact Security of Full Domain Hash , 2000, CRYPTO.

[26]  Xun Yi,et al.  An identity-based signature scheme from the Weil pairing , 2003, IEEE Communications Letters.

[27]  Mihir Bellare,et al.  Multi-signatures in the plain public-Key model and a general forking lemma , 2006, CCS '06.

[28]  Shouhuai Xu,et al.  Strong Key-Insulated Signature Schemes , 2003, Public Key Cryptography.

[29]  Yi Mu,et al.  Universal Designated Verifier Signature Without Delegatability , 2006, ICICS.

[30]  Ernest F. Brickell,et al.  Advances in Cryptology — CRYPTO’ 92 , 2001, Lecture Notes in Computer Science.

[31]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[32]  Kaoru Kurosawa,et al.  From Digital Signature to ID-based Identification/Signature , 2004, Public Key Cryptography.

[33]  Jacques Stern,et al.  Short Proofs of Knowledge for Factoring , 2000, Public Key Cryptography.

[34]  Kazuo Ohta,et al.  On Concrete Security Treatment of Signatures Derived from Identification , 1998, CRYPTO.

[35]  Marc Fischlin,et al.  Communication-Efficient Non-interactive Proofs of Knowledge with Online Extractors , 2005, CRYPTO.

[36]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[37]  Jan Camenisch,et al.  Advances in cryptology - EUROCRYPT 2004 : International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004 : proceedings , 2004 .

[38]  Jean-Jacques Quisquater,et al.  Universal Designated Verifier Signatures Without Random Oracles or Non-black Box Assumptions , 2006, SCN.

[39]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[40]  Shai Halevi,et al.  Secure Hash-and-Sign Signatures Without the Random Oracle , 1999, EUROCRYPT.

[41]  Hideki Imai,et al.  Short Signature and Universal Designated Verifier Signature Without Random Oracles , 2005, ACNS.

[42]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[43]  Chanathip Namprempre,et al.  Security Proofs for Identity-Based Identification and Signature Schemes , 2008, Journal of Cryptology.

[44]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[45]  Jan Camenisch,et al.  A Signature Scheme with Efficient Protocols , 2002, SCN.

[46]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[47]  Ivan Visconti,et al.  Mercurial Commitments: Minimal Assumptions and Efficient Constructions , 2006, TCC.

[48]  Jin Li,et al.  Universal Designated Verifier Ring Signature (Proof) Without Random Oracles , 2006, EUC Workshops.

[49]  Ron Steinfeld,et al.  Efficient Extension of Standard Schnorr/RSA Signatures into Universal Designated-Verifier Signatures , 2004, Public Key Cryptography.

[50]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[51]  Feng Bao,et al.  Designated Verifier Signature Schemes: Attacks, New Security Notions and a New Construction , 2005, ICALP.

[52]  Jean-Sébastien Coron,et al.  Deterministic Polynomial-Time Equivalence of Computing the RSA Secret Key and Factoring , 2006, Journal of Cryptology.

[53]  Kenneth G. Paterson,et al.  Efficient Identity-Based Signatures Secure in the Standard Model , 2006, ACISP.

[54]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[55]  Juan A. Garay,et al.  Strengthening Zero-Knowledge Protocols Using Signatures , 2003, Journal of Cryptology.

[56]  Ivan Damgård,et al.  Efficient Zero-Knowledge Proofs of Knowledge Without Intractability Assumptions , 2000, Public Key Cryptography.

[57]  Fabien Laguillaumie,et al.  Designated Verifier Signatures: Anonymity and Efficient Construction from Any Bilinear Map , 2004, SCN.

[58]  Ron Steinfeld,et al.  Universal Designated-Verifier Signatures , 2003, ASIACRYPT.

[59]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[60]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[61]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97, 17th Annual International Cryptology Conference, Santa Barbara, California, USA, August 17-21, 1997, Proceedings , 1997, CRYPTO 1997.

[62]  Yi Mu,et al.  Identity-Based Universal Designated Verifier Signatures , 2005, EUC Workshops.

[63]  Hilarie K. Orman,et al.  Hidden Credentials , 2003, WPES '03.

[64]  Damien Vergnaud,et al.  New Extensions of Pairing-Based Signatures into Universal Designated Verifier Signatures , 2006, ICALP.

[65]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[66]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[67]  Yi Mu,et al.  Universal Designated Multi Verifier Signature Schemes , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

[68]  Melissa Chase,et al.  On Signatures of Knowledge , 2006, CRYPTO.

[69]  Bimal Roy Advances in Cryptology - ASIACRYPT 2005, 11th International Conference on the Theory and Application of Cryptology and Information Security, Chennai, India, December 4-8, 2005, Proceedings , 2005, ASIACRYPT.

[70]  Ivan Damgård,et al.  Verifiable Encryption, Group Encryption, and Their Applications to Separable Group Signatures and Signature Sharing Schemes , 2000, ASIACRYPT.

[71]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.