Paper 2008/098

On Security Notions for Verifiable Encrypted Signature

Xu-An Wang, Xiaoyuan Yang, and Yiliang Han


First we revisit three - BGLS, MBGLS and GZZ verifiably encrypted signature schemes[2,3,6].We find that they are all not strong unforgeable.We remark that the notion of existential unforgeable is not sufficient for fair exchange protocols in most circumstances.So we propose three new - NBGLS, MBGLS and NGZZ verifiably encrypted signature schemes which are strong unforgeable. Also we reconsider other two - ZSS and CA verifiably encrypted signature schemes[4,8], we find that they both cannot resist replacing public key attack. So we strongly suggest that strong unforgeable for verifiably encrypted signature maybe a better notion than existential unforgeable and checking adjudicator knowing its private key is a necessary step for secure verifiably encrypted signature scheme.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
wangxahq @ yahoo com cn
2008-05-21: revised
2008-03-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Xu-An Wang and Xiaoyuan Yang and Yiliang Han},
      title = {On Security Notions for Verifiable Encrypted Signature},
      howpublished = {Cryptology ePrint Archive, Paper 2008/098},
      year = {2008},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.