A Secure Designated Signature Scheme

Advances in Intelligent Systems and Computing, 2017

Directed signature is the solution of such problems when the signed message contains information sensitive to the signature receiver. Generally, in many application of directed signature, the signer is generally a single person. But when the message is on behalf of an organization, a valid sensitive message may require the approval of several people. Threshold signature schemes are used to solve these problems. This paper presents a threshold directed signature scheme.

International Review on Computers and Software, 2007

This article introduces a designated receiver signature scheme which is carrying a characteristic that let the signature to be verified by the cooperation of the signature recipient only. This proposed digital signature scheme is aimed to secure the confidentiality of the signature recipient in many uses since the signed document hold too important data regarding recipient personally. We claim that the proposed scheme is scalable, secure, completely dynamic and more efficient than the already existed schemes.

Information

In modern applications, such as Electronic Voting, e-Health, e-Cash, there is a need that the validity of a signature should be verified by only one responsible person. This is opposite to the traditional digital signature scheme where anybody can verify a signature. There have been several solutions for this problem, the first one is we combine a signature scheme with an encryption scheme; the second one is to use the group signature; and the last one is to use the strong designated verifier signature scheme with the undeniable property. In this paper, we extend the traditional digital signature scheme to propose a new solution for the aforementioned problem. Our extension is in the sense that only a designated verifier (responsible person) can verify a signer’s signature, and if necessary (in case the signer refuses to admit his/her signature) the designated verifier without revealing his/her secret key is able to prove to anybody that the signer has actually generated the signatu...

Corr, 2004

In this paper, we propose a Directed Threshold Multi-Signature Scheme. In this threshold signature scheme, any malicious set of signers cannot impersonate any other set of signers to forge the signatures. In case of forgery, it is possible to trace the signing set. This threshold signature scheme is applicable when the message is sensitive to the signature receiver; and the signatures are generated by the cooperation of a number of people from a given group of senders.

Lecture Notes in Computer Science, 2009

Universal designated verifier signatures (UDVS) were introduced in 2003 by Steinfeld et al. to allow signature holders to monitor the verification of a given signature in the sense that any plain signature can be publicly turned into a signature which is only verifiable by some specific designated verifier. Privacy issues, like non-dissemination of digital certificates, are the main motivations to study such primitives. In this paper, we propose two fairly efficient UDVS schemes which are secure (in terms of unforgeability and anonymity) in the standard model (i.e. without random oracles). Their security relies on algorithmic assumptions which are much more classical than assumptions involved in the two only known UDVS schemes in standard model to date. The latter schemes, put forth by , rely on the Strong Diffie-Hellman assumption and the strange-looking knowledge of exponent assumption (KEA). Our schemes are obtained from Waters's signature and they do not need the KEA assumption. They are also the first random oracle-free constructions with the anonymity property.

arXiv (Cornell University), 2008

Proxy signature schemes have been invented to delegate signing rights. The paper proposes a new concept of Identify Based Strong Bi-Designated Verifier threshold proxy signature (ID-SBDVTPS) schemes. Such scheme enables an original signer to delegate the signature authority to a group of 'n' proxy signers with the condition that 't' or more proxy signers can cooperatively sign messages on behalf of the original signer and the signatures can only be verified by any two designated verifiers and that they cannot convince anyone else of this fact.

International Journal of Advanced Computer Science and Applications

The threshold proxy signature scheme allows the original signer to delegate a signature authority to the proxy group to cooperatively sign message on behalf of an original signer. In this paper, we propose a new scheme which includes the features and benefits of the RSA scheme. Also, we will evaluate the security of undeniable threshold proxy signature scheme with known signers. We find that the existing threshold proxy scheme is insecure against the original signer forgery. In this paper, we show the cryptanalysis of an existed scheme. Additional, we propose the secure, undeniable and known signers threshold proxy signature scheme which answers the drawback of an existed scheme. We also demonstrate that a threshold proxy signature suffers from a conspiracy of an original signer and a secret share dealer, that the scheme is commonly forgeable, and cannot offer undeniable. We claim that the proposed scheme offers the undeniable characteristic.

Lecture Notes in Computer Science, 2003

A (t, n) threshold signature scheme allows t or more group members to generate signatures on behalf of a group with n members, while any t − 1 or less members cannot do the same thing. In 2001, based on a variant of ElGamal digital signature scheme, Li et al. proposed two (t, n) threshold signature schemes with traceable signers. One of their schemes needs the assistance of a mutually trusted center, while the other does not. In this paper, we present a security analysis on their schemes. We first point out that in fact signers in their schemes are untraceable, since anybody can convert a valid threshold signature into a new one such that another subset of group members will be wrongly considered as the signers of the new threshold signature for the same message. Furthermore, we demonstrate an attack to show that their second threshold signature scheme is insecure. In our attack, (n − t + 1) colluding members can control the group secret key. Therefore, they can generate valid threshold signature for any message without the help of other members. Furthermore, honest members cannot detect this security flaw in the system, since any t members can generate threshold signatures according to the prescribed protocols.

Wireless Personal Communications, 2014

Many threshold proxy signature schemes are proposed in which the t out of n threshold schemes are deployed; but they still lack the property of security. In this research paper, secret sharing proxy signature could permit the shares of designated signers, called proxy signers, renew their own proxy shares periodically without changing the secret. In particular, our scheme applies the (t, n) threshold proxy signature scheme and allows any t or more then t signers to form a designated group from n proxy signers to sign messages on behalf of the original signer. In the proposed scheme, furthermore, a proxy signer can recover his/her own share from t other proxy shares without revealing any information about other proxy shares. Unless more than t other proxy signers cooperate and collude, the secret share algorithm is always secure. We compare the performance of four schemes: Hwang et al., Wen et al., Geng et al. and Fengying et al. with the performance of a scheme that has been proposed by the authors of this article earlier. In the proposed scheme, both the combiner and the secret share holder can verify the correctness of the information that they are receiving from each other. Therefore, the enhanced threshold proxy signature scheme is secure and efficient against notorious conspiracy attacks.

2009

In this paper we propose a new designated verifier signature scheme based on the threshold signature scheme presented [8] by Ghodosi and Pieprzyk. The advantages of the new scheme compared with previously proposed solutions are its computational efficiency and its simple and rational design that allows distributed implementations of the computations and suits the needs of both single individuals and organizations wishing to set a threshold on the number of required signers. The signing key size remains bounded by the size of a RSA modulus. Moreover, in addition to the computation of a classical RSA signature, the signature generation of our scheme needs only one modular multiplication; the verification process in our scheme remains the same than a classical RSA signature verification.