Practical Strong Designated Verifier Signature Schemes Based on Double Discrete Logarithms
We notice that a strong designated verifier signature (SDVS) scheme can easily be realized by any secure one-way and two-party authenticated key agreement scheme. So any SDVS scheme without lower communication/computation cost or enhanced security comparing to these one-way and two-party authenticated key agreement schemes may have less advantage in practical use. In this paper, we introduce an SDVS scheme which realizes low communication/computation cost and is more efficient than current one-way key agreement schemes and SDVS schemes. In addition, we show how to remove a hash function used in this scheme where in this modified scheme, an enhanced security will be provided such that the consistency of a signature cannot be ascertained by any third party even if the signer’s private key is revealed. We will prove the security of our schemes using random oracle models.
KeywordsCDH assumption DDH assumption double discrete logarithm designated verifier signature one-way two-party authenticated key agreement privacy
Unable to display preview. Download preview PDF.
- 1.Aumann, Y., Rabin, M.: Efficient deniable authentication for long messages, International Conference on Theoretical Computer Science in Honor of Professor Manuel Blum’s 60th Birthday (1998), avaible, at http://www.cs.cityu.edu.hk/dept/video.html
- 5.Heng, S.-H., Kurosawa, K.: k-resilient identity-based encryption in the standard model. In: CT-RSA 2004. Lecture Notes in Comput. Sci, vol. 2964, pp. 67–80 (2004)Google Scholar
- 6.Jakobsson, M., Sako, K., Impagliazzo, R.: Designated verifier proofs and their applications. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143–154. Springer, Heidelberg (1996)Google Scholar
- 10.Okamoto, T., Tso, R., Takagi, T., Okamoto, E.: k-resilient ID-based key distribution schemes from pairing – three party case. In: WCC 2005, pp. 402–412.Google Scholar