Paper 2004/038

Chameleon Hashing without Key Exposure

Xiaofeng Chen, Fangguo Zhang, and Kwangjo Kim

Abstract

Chameleon signatures are based on well established hash-and-sign paradigm, where a \emph{chameleon hash function} is used to compute the cryptographic message digest. Chameleon signatures simultaneously provide the properties of non-repudiation and non-transferability for the signed message, $i.e.,$ the designated recipient is capable of verifying the validity of the signature, but cannot disclose the contents of the signed information to convince any third party without the signer's consent. One disadvantage of the initial chameleon signature scheme is that signature forgery results in the signer recovering the recipient's trapdoor information, $i.e.,$ private key. Therefore, the signer can use this information to deny \emph{other} signatures given to the recipient. This creates a strong disincentive for the recipient to forge signatures, partially undermining the concept of non-transferability. In this paper, we firstly propose a chameleon hashing scheme in the gap Diffie-Hellman group to solve the problem of key exposure. We can prove that the recipient's trapdoor information will never be compromised under the assumption of Computation Diffie-Hellman Problem (CDHP) is intractable. Moreover, we use the proposed chameleon hashing scheme to design a chameleon signature scheme.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Chameleon hashingGap Diffie-Hellman groupKey exposureDigital signatures.
Contact author(s)
crazymount @ icu ac kr
History
2004-02-16: received
Short URL
https://ia.cr/2004/038
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2004/038,
      author = {Xiaofeng Chen and Fangguo Zhang and Kwangjo Kim},
      title = {Chameleon Hashing without Key Exposure},
      howpublished = {Cryptology {ePrint} Archive, Paper 2004/038},
      year = {2004},
      url = {https://eprint.iacr.org/2004/038}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.