Toward a Generic Construction of Convertible Undeniable Signatures from Pairing-Based Signatures

Undeniable signatures were proposed to limit the verification property of ordinary digital signatures. In fact, the verification of such signatures cannot be attained without the help of the signer, via the confirmation/denial protocols. Later, the concept was refined to give the possibility of converting a selected signature into an ordinary one, or publishing a universal receipt that turns all undeniable signatures publicly verifiable. In this paper, we present the first generic construction for convertible undeniable signatures from certain weakly secure cryptosystems and any secure digital signature scheme. Next, we give two specific approaches for building convertible undeniable signatures from a large class of pairingbased signatures. These methods find a nice and practical instantiation with known encryption and signature schemes. For instance, we achieve the most efficient undeniable signatures with regard to the signature length and cost, the underlying assumption and the security model. We believe these constructions could be an interesting starting point to develop more efficient schemes or give better security analyses of the existing ones.

[1]  Javier Herranz,et al.  KEM/DEM: Necessary and Sufficient Conditions for Secure Hybrid Encryption , 2006 .

[2]  Colin Boyd,et al.  Off-Line Fair Payment Protocols Using Convertible Signatures , 1998, ASIACRYPT.

[3]  Carl Pomerance,et al.  Advances in Cryptology — CRYPTO ’87 , 2000, Lecture Notes in Computer Science.

[4]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[5]  Kazuo Ohta,et al.  Advances in Cryptology — ASIACRYPT’98 , 2002, Lecture Notes in Computer Science.

[6]  David Chaum,et al.  Convertible Undeniable Signatures , 1990, CRYPTO.

[7]  Fabien Laguillaumie,et al.  Short Undeniable Signatures Without Random Oracles: The Missing Link , 2005, INDOCRYPT.

[8]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[9]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[10]  Ivan Damgård,et al.  New Convertible Undeniable Signature Schemes , 1996, EUROCRYPT.

[11]  David Pointcheval,et al.  Self-Scrambling Anonymizers , 2000, Financial Cryptography.

[12]  Jan Camenisch,et al.  Confirmer Signature Schemes Secure against Adaptive Adversaries , 2000, EUROCRYPT.

[13]  Daniel R. Simon,et al.  Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack , 1991, CRYPTO.

[14]  Tsz Hon Yuen,et al.  (Convertible) Undeniable Signatures Without Random Oracles , 2007, ICICS.

[15]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[16]  Silvio Micali,et al.  How to Prove all NP-Statements in Zero-Knowledge, and a Methodology of Cryptographic Protocol Design , 1986, CRYPTO.

[17]  Laila El Aimani,et al.  Anonymity from Public Key Encryption to Undeniable Signatures , 2009, AFRICACRYPT.