Designated Confirmer Signatures and Public-Key Encryption are Equivalent

The concept of designated confirmer signatures was introduced by Chaum [Cha94] to improve a shortcoming of undeniable signatures. The present paper formalizes the definition of designated confirmer signatures and proves that a designated confirmer signature scheme is equivalent to a public-key encryption scheme with respect to existence. In addition, the paper proposes practical designated confirmer signature schemes which are more efficient in signing than the previous scheme [Cha94].

[1]  John Rompel,et al.  One-way functions are necessary and sufficient for secure signatures , 1990, STOC '90.

[2]  Johan Håstad,et al.  Pseudo-random generators under uniform assumptions , 1990, STOC '90.

[3]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[4]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[5]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[6]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[7]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[8]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[9]  David Chaum,et al.  Undeniable Signatures , 1989, CRYPTO.

[10]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[11]  Moni Naor,et al.  Bit Commitment Using Pseudo-Randomness , 1989, CRYPTO.

[12]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[13]  Leonid A. Levin,et al.  A hard-core predicate for all one-way functions , 1989, STOC '89.

[14]  David Chaum,et al.  Zero-Knowledge Undeniable Signatures , 1991, EUROCRYPT.

[15]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[16]  David Chaum,et al.  Convertible Undeniable Signatures , 1990, CRYPTO.

[17]  Leonid A. Levin,et al.  Pseudo-random generation from one-way functions , 1989, STOC '89.

[18]  Silvio Micali,et al.  Proofs that yield nothing but their validity and a methodology of cryptographic protocol design , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[19]  Moti Yung,et al.  Direct Minimum-Knowledge Computations , 1987, CRYPTO.

[20]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[21]  David Chaum,et al.  Designated Confirmer Signatures , 1994, EUROCRYPT.

[22]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[23]  Silvio Micali,et al.  The Notion of Security for Probabilistic Cryptosystems , 1986, CRYPTO.

[24]  Tatsuaki Okamoto On the Relationship among Cryptographic Physical Assumptions , 1993, ISAAC.

[25]  Russell Impagliazzo,et al.  Limits on the provable consequences of one-way permutations , 1988, STOC '89.

[26]  Kazuo Ohta,et al.  A Modification of the Fiat-Shamir Scheme , 1988, CRYPTO.