Restricted Universal Designated Verifier Signature

Similar to hand-written signatures, digital signatures are designed to provide authenticity, integrity and non-repudiation. In the arena of ubiquitous computing, the ability of convincing any third party should be restricted. In a service such as an Internet trial-browsing service, a user is allowed to access the service of t times without any charge, but will be charged on the t+1 count of access. In this paper, we introduce the notion of restricted universal designated verifier signature. In this notion, a signature holder can convince up to t verifiers, and the convincing statement is designated to these verifiers. However, when the signature holder uses the signature for t+1 times, then the signature will become publicly available. We note that this type of signature schemes has many applications in practice.

[1]  Ron Steinfeld,et al.  Efficient Extension of Standard Schnorr/RSA Signatures into Universal Designated-Verifier Signatures , 2004, Public Key Cryptography.

[2]  Kazue Sako,et al.  Anonymous authentication : For privacy and security , 2005 .

[3]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[4]  Masayuki Abe,et al.  1-out-of-n Signatures from a Variety of Keys , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[5]  Ron Steinfeld,et al.  Universal Designated-Verifier Signatures , 2003, ASIACRYPT.

[6]  Fabien Laguillaumie,et al.  Multi-designated Verifiers Signatures , 2004, ICICS.

[7]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[8]  Markus Jakobsson,et al.  Designated Verifier Proofs and Their Applications , 1996, EUROCRYPT.

[9]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.