Policy-Controlled Signatures

  • Pairat Thorncharoensri
  • Willy Susilo
  • Yi Mu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5927)


In this paper, we present a new cryptographic primitive called “policy-controlled signature”. In this primitive, a signer can sign a message and attach some policies to it. Only a verifier who satisfies the policies attached can verify the authenticity of the message. This type of signature schemes has many applications, in particular to deal with sensitive data, where the signer does not want to allow anyone who is not authorized to verify its authenticity. Nonetheless, there is no existing cryptographic primitives that can offer this feature in the literature. Policy-controlled signatures can be seen to be similar to the notion of designated verifier signatures, as it can also be used to designate a signature to multiple recipients. When there is only a single attribute involved in a policy presented by a verifier, then we will achieve a designated verifier signature (with some trivial modifications). Therefore, policy-controlled signatures can be viewed as the generalization of the notion of the designated verifier signatures. We present a formal model to capture this notion. Furthermore, we also present a concrete scheme that is secure in our model. Finally, we briefly mention about an implementation that incorporates P3P to realize policy-controlled signatures.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bagga, W., Molva, R.: Policy-based cryptography and applications. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 72–87. Springer, Heidelberg (2005)Google Scholar
  2. 2.
    Jakobsson, M., Sako, K., Impagliazzo, R.: Designated Verifier Proofs and Their Applications. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143–154. Springer, Heidelberg (1996)Google Scholar
  3. 3.
    Balfanz, D., Durfee, G., Shankar, N., Smetters, D., Staddon, J., Wong, H.: Secret Handshakes from Pairing-based Key Agreements. In: 2003 IEEE Symposium on Security and Privacy, pp. 180–196 (2003)Google Scholar
  4. 4.
    Diffie, W., Hellman, M.E.: New directions in cryptography IT-22(6), 644–654 (November 1976)Google Scholar
  5. 5.
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks 17(2), 281–308 (April 1988); Special issue on cryptographyGoogle Scholar
  6. 6.
    Laguillaumie, F., Vergnaud, D.: Multi-designated verifiers signatures: anonymity without encryption. Inf. Process. Lett. 102(2-3), 127–132 (2007)CrossRefMathSciNetGoogle Scholar
  7. 7.
    Laguillaumie, F., Vergnaud, D.: Designated verifier signatures: Anonymity and efficient construction from any bilinear map. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 105–119. Springer, Heidelberg (2005)Google Scholar
  8. 8.
    Li, Y., Lipmaa, H., Pei, D.: On delegatability of four designated verifier signatures. In: Qing, S., Mao, W., López, J., Wang, G. (eds.) ICICS 2005. LNCS, vol. 3783, pp. 61–71. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Lipmaa, H., Wang, G., Bao, F.: Designated verifier signature schemes: Attacks, new security notions and a new construction. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 459–471. Springer, Heidelberg (2005)Google Scholar
  10. 10.
    Huang, X., Mu, Y., Susilo, W., Zhang, F.: Short designated verifier proxy signature from pairings. In: Enokido, T., Yan, L., Xiao, B., Kim, D.Y., Dai, Y.-S., Yang, L.T. (eds.) EUC-WS 2005. LNCS, vol. 3823, pp. 835–844. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Susilo, W., Zhang, F., Mu, Y.: Identity-based strong designated verifier signature schemes. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 313–324. Springer, Heidelberg (2004)Google Scholar
  12. 12.
    Steinfeld, R., Bull, L., Wang, H., Pieprzyk, J.: Universal designated-verifier signatures. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 523–542. Springer, Heidelberg (2003)Google Scholar
  13. 13.
    Laguillaumie, F., Libert, B., Quisquater, J.-J.: Universal designated verifier signatures without random oracles or non-black box assumptions. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 63–77. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Bagga, W., Molva, R.: Collusion-free policy-based encryption. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds.) ISC 2006. LNCS, vol. 4176, pp. 233–245. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Bagga, W., Crosta, S., Molva, R.: Proof-carrying proxy certificates. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 321–335. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  16. 16.
    Bagga, W., Crosta, S., Michiardi, P., Molva, R.: Establishment of ad-hoc communities through policy-based cryptography. Electr. Notes Theor. Comput. Sci. 171(1), 107–120 (2007)CrossRefGoogle Scholar
  17. 17.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  18. 18.
    Bresson, E., Stern, J., Szydlo, M.: Threshold ring signatures and applications to ad-hoc groups. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 465–480. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  19. 19.
    Tsang, P.P., Wei, V.K., Chan, T.K., Au, M.H., Liu, J.K., Wong, D.S.: Separable linkable threshold ring signatures. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 384–398. Springer, Heidelberg (2004)Google Scholar
  20. 20.
    Herranz, J., Sáez, G.: Forking lemmas for ring signature schemes. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 266–279. Springer, Heidelberg (2003)Google Scholar
  21. 21.
    Zhang, F., Kim, K.: Id-based blind signature and ring signature from pairings. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 533–547. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  22. 22.
    Bender, A., Katz, J., Morselli, R.: Ring signatures: Stronger definitions, and constructions without random oracles. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 60–79. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  23. 23.
    Shacham, H., Waters, B.: Efficient ring signatures without random oracles. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 166–180. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  24. 24.
    Fujisaki, E., Suzuki, K.: Traceable ring signature. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 181–200. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. 25.
    Liu, J.K., Wong, D.S.: On the security models of (threshold) ring signature schemes. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 204–217. Springer, Heidelberg (2005)Google Scholar
  26. 26.
    Liu, J.K., Wei, V.K., Wong, D.S.: A separable threshold ring signature scheme. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 12–26. Springer, Heidelberg (2004)Google Scholar
  27. 27.
    W3C: Platform for privacy preferences (p3p) project,
  28. 28.
    Thorncharoensri, P., Susilo, W., Mu, Y.: Policy-controlled signatures (full version). can be obtained from the first author (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Pairat Thorncharoensri
    • 1
  • Willy Susilo
    • 1
  • Yi Mu
    • 1
  1. 1.Centre for Computer and Information Security School of Computer Science & Software EngineeringUniversity of WollongongAustralia

Personalised recommendations