Anonymity from Public Key Encryption to Undeniable Signatures
Anonymity or “key privacy” was introduced in  as a new security notion a cryptosystem must fulfill, in some settings, in addition to the traditional indistinguishability property. It requires an adversary not be able to distinguish pairs of ciphertexts based on the keys under which they are created. Anonymity for undeniable signatures is defined along the same lines, and is considered a relevant requirement for such signatures.
Our results in this paper are twofold. First, we show that anonymity and indistinguishability are not as orthogonal to each other (i.e., independent) as previously believed. In fact, they are equivalent under certain circumstances. Consequently, we confirm the results of  on the anonymity of ElGamal’s and of Cramer-Shoup’s schemes, based on existing work about their indistinguishability. Next, we constructively use anonymous encryption together with secure digital signature schemes to build anonymous convertible undeniable signatures. In this context, we revisit a well known undeniable signature scheme, whose security remained an open problem for over than a decade, and prove that it is not anonymous. Moreover, we repair this scheme so that it provides the anonymity feature and analyze its security in our proposed framework. Finally, we analyze an efficient undeniable signature scheme, which was proposed recently, in our framework; we confirm its security results and show that it also enjoys the selective conversion feature.
KeywordsEncryption schemes Anonymity KEM/DEM Convertible undeniable signatures Generic construction
Unable to display preview. Download preview PDF.
- 3.Chaum, D., van Antwerpen, H.: Undeniable Signatures. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 212–216. Springer, Heidelberg (1990)Google Scholar
- 9.Halevi, S.: A sufficient condition for key-privacy (2005), http://eprint.iacr.org/2005/005
- 10.Herranz, J., Hofheinz, D., Kiltz, E.: KEM/DEM: Necessary and Sufficient Conditions for secure Hybrid Encryption (August 2006), http://eprint.iacr.org/2006/265.pdf