Signature Scheme for Specified Threshold Verifiers and Security Proofs

The problem called "constructing signature schemes for specified verifiers" is proposed by Laih, and such a scheme is also given by Laih. It is shown that this scheme is not secure and a scheme called SV-EDL is put forward. Furthermore, the provable security theory is used to analyze such schemes, i.e. the security of SV-EDL scheme is proved in RO (random oracle) model. The security against forgery is tightly related to the Computational Diffie-Hellman problem, i.e. the forgery is almost as difficult as solving CDH (computational Diffie-Hellman) problem. Especially, for anyone except the specified verifiers, the ability of verifying signature is tightly related to DDH (decisional Diffie-Hellman) problem. Since the hardness of the CDH and DDH problem is widely believed to be closely related to the hardness of the DL (discrete logarithm) problem, the scheme offers better security guarantees than the existing schemes. In addition, it offers non-repudiation in a very straight-forward manner. Finally, the concept of threshold verification is proposed and a (t,m)-threshold verification protocol is constructed, and its security is proved in the standard model. Especially, the scheme does not ask for the existence of the trusted center.