Anonymous Signature Schemes

  • Guomin Yang
  • Duncan S. Wong
  • Xiaotie Deng
  • Huaxiong Wang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3958)


Digital signature is one of the most important primitives in public key cryptography. It provides authenticity, integrity and non-repudiation to many kinds of applications. On signer privacy however, it is generally unclear or suspicious of whether a signature scheme itself can guarantee the anonymity of the signer. In this paper, we give some affirmative answers to it. We formally define the signer anonymity for digital signature and propose some schemes of this type. We show that a signer anonymous signature scheme can be very useful by proposing a new anonymous key exchange protocol which allows a client Alice to establish a session key with a server Bob securely while keeping her identity secret from eavesdroppers. In the protocol, the anonymity of Alice is already maintained when Alice sends her signature to Bob in clear, and no additional encapsulation or mechanism is needed for the signature. We also propose a method of using anonymous signature to solve the collusion problem between organizers and reviewers of an anonymous paper review system.


Signature Scheme Random Oracle Mobile Client Message Space Digital Signature Scheme 


  1. 1.
    An, J.H., Dodis, Y., Rabin, T.: On the security of joint signature and encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 83–107. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 566–582. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Namprempre, C.: Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  4. 4.
    Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: First ACM Conference on Computer and Communications Security, Fairfax, pp. 62–73. ACM Press, New York (1993)Google Scholar
  5. 5.
    Bellare, M., Rogaway, P.: The exact security of digital signatures - how to sign with RSA and Rabin. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996)Google Scholar
  6. 6.
    Boyd, C., Park, D.: Public key protocols for wireless communications. In: The 1st International Conference on Information Secuirty and Cryptology (ICISC 1998), pp. 47–57 (1998)Google Scholar
  7. 7.
    Boyen, X.: Multipurpose identity-based signcryption: A swiss army knife for identity-based cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 383–399. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attack. SIAM J. Computing 17(2), 281–308 (1988)MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Harkins, D., Kaufman, C., Perlman, R.: The internet key exchange (IKE) protocol <draft-ietf-ipsec-ikev2-00.txt>. INTERNET-DRAFT (November 2001)Google Scholar
  11. 11.
    Van Herreweghen, E.: Secure anonymous signature-based transactions. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, pp. 55–71. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  12. 12.
    Jakobsson, M., Sako, K., Impagliazzo, R.: Designated verifier proofs and their applications. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143–154. Springer, Heidelberg (1996)Google Scholar
  13. 13.
    Laguillaumie, F., Vergnaud, D.: Designated verifier signatures: Anonymity and efficient construction from any bilinear map. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 105–119. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    NIST FIPS PUB 197. Announcing the ADVANCED ENCRYPTION STANDARD (AES) (November 2001)Google Scholar
  15. 15.
    Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)MathSciNetCrossRefMATHGoogle Scholar
  16. 16.
    Schnorr, C.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)Google Scholar
  17. 17.
    Yang, G., Wong, D., Deng, X.: Analysis and improvement of a signcryption scheme with key privacy. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 218–232. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Yang, G., Wong, D., Deng, X.: Efficient anonymous roaming and its security analysis. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 334–349. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Yang, G., Wong, D.S., Deng, X., Wang, H.: Anonymous signature schemes. Cryptology ePrint Archive, Report 2005/407 (2005),

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Guomin Yang
    • 1
  • Duncan S. Wong
    • 1
  • Xiaotie Deng
    • 1
  • Huaxiong Wang
    • 2
  1. 1.Department of Computer ScienceCity University of Hong KongHong KongChina
  2. 2.Department of ComputingMacquarie UniversityAustralia

Personalised recommendations