Paper 2019/1153
Stronger Notions and Constructions for Multi-Designated Verifier Signatures
Ivan Damgård and Helene Haagh and Rebekah Mercer and Anca Nițulescu and Claudio Orlandi and Sophia Yakoubov
Abstract
Off-the-Record (OTR) messaging is a protocol used to authenticate messages while also giving senders plausible deniability. Multi-Designated Verifier Signatures (MDVS) are a primitive that allows for OTR to be extended to handle group messaging. In group OTR, the sender wants the designated verifiers to be able to authenticate the messages (that is, the signature should be unforgeable), but even if some verifiers are corrupt and collude, they should not be able to prove authenticity to any outsiders (that is, the signature should be source-hiding). We additionally require consistency, meaning that if any one of the designated verifiers can verify an honestly produced signature, then all of them can. The contributions of this paper are two-fold: stronger definitions, and new constructions meeting those definitions. Existing literature defines and builds limited notions of MDVS, where source-hiding only holds when all verifiers are corrupt. We strengthen source-hiding to support any subset of corrupt verifiers, and give the first formal definition of consistency. We give two constructions of our stronger notion of MDVS: one from functional encryption, and one from standard primitives such as pseudorandom functions, pseudorandom generators, key agreement and NIZKs. The second construction has somewhat larger signatures, but does not require a trusted setup.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- signaturesdesignated verifier signaturesOTR messaging
- Contact author(s)
- ivan @ cs au dk,orlandi @ cs au dk,sophia yakoubov @ gmail com
- History
- 2020-05-27: last of 4 revisions
- 2019-10-07: received
- See all versions
- Short URL
- https://ia.cr/2019/1153
- License
-
CC BY