A Secure Three-Move Blind Signature Scheme for Polynomially Many Signatures

Known practical blind signature schemes whose security against adaptive and parallel attacks can be proven in the random oracle model either need five data exchanges between the signer and the user or are limited to issue only logarithmically many signatures in terms of a security parameter. This paper presents an efficient blind signature scheme that allows a polynomial number of signatures to be securely issued while only three data exchanges are needed. Its security is proven in the random oracle model. As an application, a provably secure solution for double-spender-traceable e-cash is presented.

[1]  Rafail Ostrovsky,et al.  Security of Blind Digital Signatures (Extended Abstract) , 1997, CRYPTO.

[2]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[3]  David Pointcheval,et al.  Strengthened Security for Blind Signatures , 1998, EUROCRYPT.

[4]  Kazuo Ohta,et al.  Divertible Zero Knowledge Interactive Proofs and Commutative Random Self-Reducibility , 1990, EUROCRYPT.

[5]  Stefan Brands,et al.  Restrictive Blinding of Secret-Key Certificates , 1995, EUROCRYPT.

[6]  Tatsuaki Okamoto,et al.  Provably Secure Partially Blind Signatures , 2000, CRYPTO.

[7]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[8]  Marc Fischlin,et al.  A Note on Security Proofs in the Generic Model , 2000, ASIACRYPT.

[9]  Rafail Ostrovsky,et al.  Security of blind digital signatures , 1997 .

[10]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[11]  Jan Camenisch,et al.  Fair Blind Signatures , 1995, EUROCRYPT.

[12]  Adi Shamir,et al.  Witness indistinguishable and witness hiding protocols , 1990, STOC '90.

[13]  Jan Camenisch,et al.  Blind Signatures Based on the Discrete Logarithm Problem , 1994, EUROCRYPT.

[14]  Jacques Stern,et al.  Security Arguments for Digital Signatures and Blind Signatures , 2015, Journal of Cryptology.

[15]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[16]  Masayuki Abe,et al.  How to Date Blind Signatures , 1996, ASIACRYPT.

[17]  Patrick Horster,et al.  Meta-Message Recovery and Meta-Blind Signature Schemes Based on the Discrete Logarithm Problem and Their Applications , 1994, ASIACRYPT.

[18]  Jacques Stern,et al.  Provably Secure Blind Signature Schemes , 1996, ASIACRYPT.

[19]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[20]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[21]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[22]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[23]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[24]  Birgit Pfitzmann,et al.  How To Break and Repair A "Provably Secure" Untraceable Payment System , 1991, CRYPTO.

[25]  Yiannis Tsiounis,et al.  "Indirect Discourse Proof": Achieving Efficient Fair Off-Line E-cash , 1996, ASIACRYPT.

[26]  Jan Camenisch,et al.  Group signature schemes and payment systems based on the discrete logarithm problem , 1998 .

[27]  Mihir Bellare,et al.  Optimal Asymmetric Encryption , 1994, EUROCRYPT.