A Robust Verifiably Encrypted Signature Scheme
A verifiably encrypted signature can convince a verifier that a given ciphertext is the encryption of a signature on a given message. It is often used as a building block for constructing optimistic fair exchange. Recently, Gu et al. gave an ID-based verifiably encrypted signature scheme and claimed that their scheme was secure in the random oracle model. Unfortunately, in this work, we show that their scheme is insecure: we can mount a universal forgery attack in their model. In other words, anyone is able to forge a verifiably encrypted signature on an arbitrary message m. Subsequently, a novel verifiably encrypted signature (VES) scheme is proposed and proven secure in the random oracle model. Moreover, the verifiably encrypted signature in our scheme is shorter than that of Gu et al.
Keywords: Signature Scheme, Random Oracle, Blind Signature, Random Oracle Model, Fair Exchange