Paper 2009/435

Efficient Confirmer Signatures from the ``Signature of a Commitment'' Paradigm

Laila El Aimani

Abstract

Generic constructions of designated confirmer signatures follow one of the following two strategies; either produce a digital signature on the message to be signed, then encrypt the resulting signature, or produce a commitment on the message, encrypt the string used to generate the commitment and finally sign the latter. We study the second strategy by determining the exact security property needed in the encryption to achieve secure constructions. This study infers the exclusion of a useful type of encryption from the design due to an intrinsic weakness in the paradigm. Next, we propose a simple method to remediate to this weakness and we get efficient constructions which can be used with \emph{any} digital signature.

Metadata
Available format(s)
PDF PS
Publication info
Published elsewhere. Unknown where it was published
Keywords
Designated Confirmer signatures``Signature of a commitment'' paradigmGeneric constructionReductionmeta-reductionZero Knowledge.
Contact author(s)
elaimani @ bit uni-bonn de
History
2009-11-24: revised
2009-09-08: received
See all versions
Short URL
https://ia.cr/2009/435
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/435,
      author = {Laila El Aimani},
      title = {Efficient Confirmer Signatures from the  ``Signature of a Commitment'' Paradigm},
      howpublished = {Cryptology ePrint Archive, Paper 2009/435},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/435}},
      url = {https://eprint.iacr.org/2009/435}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.