Cryptology ePrint Archive: Report 2009/435

Efficient Confirmer Signatures from the ``Signature of a Commitment'' Paradigm

Laila El Aimani

Abstract: Generic constructions of designated confirmer signatures follow one of the following two strategies; either produce a digital signature on the message to be signed, then encrypt the resulting signature, or produce a commitment on the message, encrypt the string used to generate the commitment and finally sign the latter.

We study the second strategy by determining the exact security property needed in the encryption to achieve secure constructions. This study infers the exclusion of a useful type of encryption from the design due to an intrinsic weakness in the paradigm. Next, we propose a simple method to remediate to this weakness and we get efficient constructions which can be used with \emph{any} digital signature.

Category / Keywords: Designated Confirmer signatures, ``Signature of a commitment'' paradigm, Generic construction, Reduction/meta-reduction, Zero Knowledge.

Date: received 4 Sep 2009, last revised 24 Nov 2009

Contact author: elaimani at bit uni-bonn de

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20091124:163915 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]