Paper 2021/1185

Giving an Adversary Guarantees (Or: How to Model Designated Verifier Signatures in a Composable Framework)

Ueli Maurer, Christopher Portmann, and Guilherme Rito

Abstract

When defining a security notion, one typically specifies what dishonest parties cannot achieve. For example, communication is confidential if a third party cannot learn anything about the messages being transmitted, and it is authentic if a third party cannot impersonate the real (honest) sender. For certain applications, however, security crucially relies on giving dishonest parties certain capabilities. As an example, in Designated Verifier Signature (DVS) schemes, one captures that only the designated verifier can be convinced of the authenticity of a message by guaranteeing that any dishonest party can forge signatures which look indistinguishable (to a third party) from original ones created by the sender. However, composable frameworks cannot typically model such guarantees as they are only designed to bound what a dishonest party can do. In this paper we show how to model such guarantees---that dishonest parties must have some capability---in the Constructive Cryptography framework (Maurer and Renner, ICS 2011). More concretely, we give the first composable security definitions for Multi-Designated Verifier Signature (MDVS) schemes---a generalization of DVS schemes. The ideal world is defined as the intersection of two worlds. The first captures authenticity in the usual way. The second provides the guarantee that a dishonest party can forge signatures. By taking the intersection we have an ideal world with the desired properties. We also compare our composable definitions to existing security notions for MDVS schemes from the literature. We find that only recently, 23 years after the introduction of MDVS schemes, sufficiently strong security notions were introduced capturing the security of MDVS schemes (Damg{\r a}rd et al., TCC 2020). As we prove, however, these notions are still strictly stronger than necessary.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
A major revision of an IACR publication in ASIACRYPT 2021
Keywords
Composable SecuritySignaturesDesignated Verifier SignaturesMulti-Designated Verifier Signatures
Contact author(s)
guilherme teixeira @ inf ethz ch
chportma @ gmail com
maurer @ inf ethz ch
History
2021-10-12: revised
2021-09-14: received
See all versions
Short URL
https://ia.cr/2021/1185
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1185,
      author = {Ueli Maurer and Christopher Portmann and Guilherme Rito},
      title = {Giving an Adversary Guarantees (Or: How to Model Designated Verifier Signatures in a Composable Framework)},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1185},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1185}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.