Generic Construction of (Identity-Based) Perfect Concurrent Signatures
The notion of concurrent signatures was recently introduced by Chen, Kudla and Paterson. In concurrent signature schemes, two entities can produce two signatures that are not binding, until an extra piece of information (namely the keystone) is released by one of the parties. Subsequently, it was noted that the concurrent signature scheme proposed in the seminal paper cannot provide perfect ambiguity. Then, the notion of perfect concurrent signatures was introduced. In this paper, we define the notion of identity-based(or ID-based) perfectconcurrent signatureschemes. We provide the first generic construction of (ID-based) perfect concurrent signature schemes from ring signature schemes. Using the proposed framework, we give two concrete ID-based perfect concurrent signature schemes based on two major paradigms of ID-based ring signature schemes. Security proofs are based on the random oracle model.
KeywordsConcurrent Signatures Perfect Ambiguity Fair-Exchange Ring Signatures Identity-based Signatures Bilinear Pairing
Unable to display preview. Download preview PDF.
- 1.Asokan, N., Shoup, V., Waidner, M.: Optimistic Fair Exchange of Digital Signatures. IEEE Journal on Selected Areas in Communications 18 (2000)Google Scholar
- 2.Bao, F., Deng, R.H., Mao, W.: Efficient and Practical Fair Exchange Protocols. In: IEEE Symposium on Security and Privacy 1998, pp. 77–85 (1998)Google Scholar
- 9.Dodis, Y., Reyzin, L.: Breaking and Repairing Optimistic Fair Exchange from PODC 2003. In: ACM Workshop on Digital Rights Management (2003)Google Scholar
- 11.Pointcheval, D., Stern, J.: Security Proofs for Signature Schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)Google Scholar