Blackmailing using Undeniable Signatures
暂无分享,去创建一个
With blackmailing we mean a situation where after a signature has been verified, the conviction of its correctness can be either kept to the verifier or, at his sole discretion, be shared with some predetermined set of cooperating co-verifiers. We show how a weakness in the protocol for undeniable signatures allows blackmailing of a signer of a undeniable signature, or several verifiers simultaneously to verify several signatures. Also, we discuss how multiple verifiers can be convinced about the correctness of a signature in similar protocols, like Designated Confirmer Signatures, although no blackmailing attack is found for here.
[1] Moti Yung,et al. Weaknesses of undeniable signature schemes , 1991 .
[2] David Chaum,et al. Multiparty unconditionally secure protocols , 1988, STOC '88.
[3] David Chaum,et al. Some Weaknesses of "Weaknesses of Undeniable Signatures" , 1991, EUROCRYPT.
[4] David Chaum,et al. Undeniable Signatures , 1989, CRYPTO.
[5] David Chaum,et al. Designated Confirmer Signatures , 1994, EUROCRYPT.