Paper 2022/1128

On the (im)possibility of ElGamal blind signatures

Liliya Akhmetzyanova
Evgeny Alekseev
Alexandra Babueva
Stanislav Smyshlyaev
Abstract

In the current paper we investigate the possibility of designing secure blind signature scheme based on ElGamal signature equation. We define the generalized construction and analyze its security. We consider two types of schemes with the proposed construction, that cover all existing schemes. For schemes of the first type we provide generic ROS-style attack that violates unforgeability in the parallel setting. For schemes of the second type we prove that they do not provide either blindness, or unforgeability. As the result, we prove that all known ElGamal blind signature schemes are not secure. Moreover, these results show that the existence of secure ElGamal blind signature scheme is potentially possible only for small set of signature equations and requires the non-standard way of generating the first component of the signature.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. CTCrypt 2022 Preproceedings
Keywords
ElGamal signature scheme blind signature scheme ROS attack
Contact author(s)
babueva @ cryptopro ru
History
2022-08-31: approved
2022-08-30: received
See all versions
Short URL
https://ia.cr/2022/1128
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/1128,
      author = {Liliya Akhmetzyanova and Evgeny Alekseev and Alexandra Babueva and Stanislav Smyshlyaev},
      title = {On the (im)possibility of {ElGamal} blind signatures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1128},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1128}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.