We prove our construction secure under the above assumptions as well as Paillier's DCR assumption in the concurrent attack model of Juels, Luby and Ostrovsky from Crypto '97 using a common reference string. Our construction is the first efficient construction for blind signatures in such a concurrent model without random oracles. We present two variants of our basic protocol: first, a blind signature scheme where blindness still holds even if the public-key generation is maliciously controlled; second, a blind signature scheme that incorporates a ``public-tagging'' mechanism. This latter variant of our scheme gives rise to a partially blind signature with essentially the same efficiency and security properties as our basic scheme.
Category / Keywords: Blind Signatures Date: received 29 Nov 2005, last revised 20 May 2006 Contact author: hszhou at cse uconn edu Available format(s): PDF | BibTeX Citation Version: 20060520:061548 (All versions of this report) Short URL: ia.cr/2005/435 Discussion forum: Show discussion | Start new discussion