Paper 2009/307

Anonymous Signatures Revisited

Vishal Saraswat and Aaram Yun


We revisit the notion of the anonymous signature, first formalized by Yang, Wong, Deng and Wang, and then further developed by Fischlin, and Zhang and Imai. We present a new formalism of anonymous signature, where instead of the message, a part of the signature is withheld to maintain anonymity. We introduce the notion unpretendability to guarantee infeasibility for someone other than the correct signer to pretend authorship of the message and signature. Our definition retains applicability for all previous applications of the anonymous signature, provides stronger security, and is conceptually simpler. We give a generic construction from any ordinary signature scheme, and also show that the short signature scheme by Boneh and Boyen can be naturally regarded as such a secure anonymous signature scheme according to our formalism.

Note: We revised security definitions and modified the result about Boneh-Boyen accordingly. Also we reformulated our constructions in terms of commitment schemes.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. A previous version is to be published in ProvSec 2009
anonymous signaturesignatureanonymityunpretendability
Contact author(s)
aaramyun @ gmail com
2009-10-12: revised
2009-07-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {Vishal Saraswat and Aaram Yun},
      title = {Anonymous Signatures Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2009/307},
      year = {2009},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.