Universally Convertible Directed Signatures
- Cite this paper as:
- Laguillaumie F., Paillier P., Vergnaud D. (2005) Universally Convertible Directed Signatures. In: Roy B. (eds) Advances in Cryptology - ASIACRYPT 2005. ASIACRYPT 2005. Lecture Notes in Computer Science, vol 3788. Springer, Berlin, Heidelberg
Many variants of Chaum and van Antwerpen’s undeniable signatures have been proposed to achieve specific properties desired in real-world applications of cryptography. Among them, directed signatures were introduced by Lim and Lee in 1993. Directed signatures differ from the well-known confirmer signatures in that the signer has the simultaneous abilities to confirm, deny and individually convert a signature. The universal conversion of these signatures has remained an open problem since their introduction in 1993. This paper provides a positive answer to this quest by showing a very efficient design for universally convertible directed signatures (UCDS) both in terms of computational complexity and signature size. Our construction relies on the so-called xyz-trick applicable to bilinear map groups. We define proper security notions for UCDS schemes and show that our construction is secure in the random oracle model, under computational assumptions close to the CDH and DDH assumptions. Finally, we introduce and realize traceable universally convertible directed signatures where a master tracing key allows to link signatures to their direction.