Paper 2008/094

Universally Composable Undeniable Signature

Kaoru Kurosawa and Jun Furukawa

Abstract

How to define the security of undeniable signature schemes is a challenging task. This paper presents two security definitions of undeniable signature schemes which are more useful or natural than the existing definition. It then proves their equivalence. We first define the UC-security, where UC means universal composability. We next show that there exists a UC-secure undeniable signature scheme which does not satisfy the standard definition of security that has been believed to be adequate so far. More precisely, it does not satisfy the invisibility defined by \cite{DP96}. We then show a more adequate definition of invisibility which captures a wider class of (naturally secure) undeniable signature schemes. We finally prove that the UC-security against non-adaptive adversaries is equivalent to this definition of invisibility and the strong unforgeability in $\cF_{ZK}$-hybrid model, where $\cF_{ZK}$ is the ideal ZK functionality. Our result of equivalence implies that all the known proven secure undeniable signature schemes (including Chaum's scheme) are UC-secure if the confirmation/disavowal protocols are both UC zero-knowledge.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. accepted by ICALP 2008
Keywords
Universal composabilityundeniable signature scheme
Contact author(s)
kurosawa @ mx ibaraki ac jp
History
2008-05-19: revised
2008-03-03: received
See all versions
Short URL
https://ia.cr/2008/094
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/094,
      author = {Kaoru Kurosawa and Jun Furukawa},
      title = {Universally Composable Undeniable Signature},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/094},
      year = {2008},
      url = {https://eprint.iacr.org/2008/094}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.