Two-round concurrent blind signatures without random oracles

We present the first blind signature scheme that is efficient and provably secure without random oracles under concurrent attacks, utilizing only two rounds of short communication. The scheme is based on elliptic curve groups for which a bilinear map exists and on extractable and equivocable commitments. The unforgeability of the employed signature scheme is guaranteed by the LRSW assumption, while the blindness property of our scheme is guaranteed by the Decisional Linear Diffie-Hellman assumption. We prove our construction secure under the above assumptions as well as the DCR and DLOG assumptions in the concurrent attack model of Juels, Luby and Ostrovsky from Crypto '97. Our construction is the first scheme that instantiates the security definition of Juels et al. with an efficient construction in the standard model. We consider various modifications to our basic protocol that include a blind signature scheme with revocable blindness as well as a blind signature that incorporates a "public-tagging" mechanism. The latter extension of our scheme gives rise to a partially blind signature with the same efficiency and security properties as our basic scheme.

∗University of Connecticut, Computer Science and Engineering, Storrs, CT, USA, {aggelos,hszhou}@cse.uconn.edu. Research partly supported by NSF CAREER Award CNS-0447808.

[1] Rafail Ostrovsky, et al. Security of Blind Digital Signatures (Extended Abstract), 1997, CRYPTO.

[2] David Pointcheval, et al. Strengthened Security for Blind Signatures, 1998, EUROCRYPT.

[3] Kazuo Ohta, et al. Divertible Zero Knowledge Interactive Proofs and Commutative Random Self-Reducibility, 1990, EUROCRYPT.

[4] Jacques Stern, et al. Provably Secure Blind Signature Schemes, 1996, ASIACRYPT.

[5] Tatsuaki Okamoto, et al. Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes, 1992, CRYPTO.

[6] Chanathip Namprempre, et al. The Power of RSA Inversion Oracles and the Security of Chaum's RSA-Based Blind Signature Scheme, 2002, Financial Cryptography.

[7] Masayuki Abe, et al. A Secure Three-Move Blind Signature Scheme for Polynomially Many Signatures, 2001, EUROCRYPT.

[8] Jan Camenisch, et al. Efficient Blind Signatures Without Random Oracles, 2004, SCN.

[9] Hovav Shacham, et al. Short Group Signatures, 2004, CRYPTO.

[10] Ivan Damgård, et al. Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals, 1988, CRYPTO.

[11] Tatsuaki Okamoto, et al. Provably Secure Partially Blind Signatures, 2000, CRYPTO.

[12] Masayuki Abe, et al. Provably Secure Fair Blind Signatures with Tight Revocation, 2001, ASIACRYPT.

[13] Jan Camenisch, et al. Fair Blind Signatures, 1995, EUROCRYPT.

[14] Ivan Damgård, et al. Efficient Concurrent Zero-Knowledge in the Auxiliary String Model, 2000, EUROCRYPT.

[15] Atsushi Fujioka, et al. A Practical Secret Voting Scheme for Large Scale Elections, 1992, AUSCRYPT.