Privacy and Anonymity Protection with Blind Threshold Signatures

J. Inf. Sci. Eng., 2002

In this paper, we propose a provably secure group-oriented blind (t, n) threshold signature scheme, which is the first scheme whose security is proved to be equivalent to the discrete logarithm problem in the random oracle model. Based on the scheme, any t out of n signers in a group can represent the group in signing blind threshold signatures, which can be used in anonymous digital e-cash systems or secure voting systems. By means of our proposed scheme, the issue of e-coins is controlled by several authorities. In our scheme, the size of a blind threshold signature is the same as that of an individual blind signature, and the signature verification process is equivalent to that for an individual signature.

In this paper, we propose a group-oriented fair blind (t; n) threshold signature scheme based on the discrete logarithm problem. By the scheme, any t out of n signers in a group can represent the group to sign fair blind threshold signatures, which can be used in anonymous e-cash systems. Since blind signature schemes provide perfect unlinkability, such e-cash systems can be misused by criminals, e.g. to safely obtain a ransom or to launder money. Our scheme allows the judge (or the government) to deliver information allowing anyone of the t signers to link his view of the protocol and the message-signature pair. In our scheme, the size of a fair blind threshold signature is the same as that of an individual fair blind signature and the signature veri cation process is simpli ed by means of a group public key. The security of our scheme relies on the di culty of computing discrete logarithm.

Lecture Notes in Computer Science, 1996

In this paper, we propose two group-oriented (t; n) blind threshold signature schemes based on the discrete logarithm problem. By these schemes, any t out of n signers in a group can represent the group to sign blind threshold signatures. In our schemes, the size of a threshold signature is the same as the size of an individual signature and the signature veri cation process is simpli ed by means of a group public key. Our proposed schemes do not require the assistance of a mutually trusted authority. In addition each signer can select his own private key and the group public key is determined by all the members. The security of our schemes rely on the di culty of computing discrete logarithm.

Computer Communications, 1999

In this paper, we propose a group-oriented partially blind (t, n) threshold signature scheme based on the discrete logarithm problem. By the scheme, any t out of n signers in a group can represent the group to sign partially blind threshold signatures, which can be used in anonymous digital e-cash systems or secure voting schemes. By our proposed scheme, the growth of the bank's database was successfully minimized and the issue of e-coins is controlled by several authorities. Our proposed scheme can greatly simplify the voting processes when several elections are to be held in a short period of time by embedding information about each election in a partially blind threshold signature. In our scheme, the size of a partially blind threshold signature is the same as that of an individual partially blind signature and the signature verification process is simplified by a group public key. The security of our scheme relies on the difficulty of computing discrete logarithm.

Group blind signatures combine anonymity properties of both group signatures and blind signatures and offer privacy for both the message to be signed and the signer. Their applications include multi-authority e-voting and distributed e-cash systems. The primitive has been introduced with only informal definitions for its required security properties. We offer two main contributions: first, we provide foundations for the primitive where we present formal security definitions offering various flavors of anonymity relevant to this setting. In the process, we identify and address some subtle issues which were not considered by previous constructions and (informal) security definitions. Our second main contribution is a generic construction that yields practical schemes with round-optimal signing and constant-size signatures. Our constructions permit dynamic and concurrent enrollment of new members, satisfy strong security requirements, and do not rely on random oracles. In addition, we introduce some new building blocks which may be of independent interest.

WSEAS Transactions …, 2010

Recently, there has been an increasing interest to improve the efficiency in election processes which has brought as a consequence a wide range of proposals for electronic voting. Electronic voting protocols are a reasonable alternative to conventional elections. Nevertheless, they are facing an evolution due to its requirements, especially the ones needed to provide full security considered to represent a democratic electronic vote. In the literature, different protocols based on public key schemes have been proposed to meet such security requirements. In this paper, we propose the use of bilinear pairings in order to provide the security requirements that an electronic voting protocol must meet, without requiring the entire infrastructure needed in a public key scheme. Proposed protocol considers two cryptographic primitives as main building blocks: threshold and blind signature schemes. It is divided in four main stages: setup , authentication, voting and counting. Moreover, it meets privacy, accuracy and robustness by using bilinear pairings. We make a comparative analysis, which is based on its performance and the key pairs, Trust and Certification Authorities it requires.

Public Key Cryptography—PKC 2003, 2002

We propose a robust proactive threshold signature scheme, a multisignature scheme and a blind signature scheme which work in any Gap Diffie-Hellman (GDH) group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy). Our constructions are based on the recently proposed GDH signature scheme of Boneh et al. [8]. Due to the instrumental structure of GDH groups and of the base scheme, it turns out that most of our constructions are simpler, more efficient and have more useful properties than similar existing constructions. We support all the proposed schemes with proofs under the appropriate computational assumptions, using the corresponding notions of security.

International Journal of Electrical and Computer Engineering (IJECE), 2020

We introduce in this paper a new identity-based threshold signature (IBTHS) technique, which is based on a pair of intractable problems, residuosity and discrete logarithm. This technique relies on two difficult problems and offers an improved level of security relative to an on two difficult hard problems. The majority of the denoted IBTHS techniques are established on an individual difficult problem. Despite the fact that these methods are secure, however, a prospective solution of this sole problem by an adversary will enable him/her to recover the entire private data together with secret keys and configuration values of the associated scheme. Our technique is immune to the four most familiar attack types in relation to the signature schemes. Enhanced performance of our proposed technique is verified in terms of minimum cost of computations required by both of the signing algorithm and the verifying algorithm in addition to immunity to attacks. 1. INTRODUCTION In 1971, the idea of digital signature was first presented by Diffie and Helman [1] that enabled a signer in possession of a secrete key to sign a message, while anybody using a public key could perform verification of the signature. The notion of threshold signatures was presented by Desmedt [2] in 1987. A secret key, and correspondingly, the signing power, is shared to a collection of players in a (,) threshold signature scheme, where this is accomplished in a manner that any subset of players is able to collectively deliver a signature on the account of the group, whereas a subset composed of up to −1 players is incapable. The threshold signature is fundamental yet of a great significance cryptographic scheme that is due to its bifold function: by boosting the opportunity of the signing agency while simultaneously improving the safeguarding process against fraudulence through completing the learn process of the secret signature key for the antagonist. Subsequent to Desmedt's creation, in the commonly-named threshold cryptography domain, several threshold signature approaches incorporated on diverse premise were formulated, such as [3-8]. In order to streamline key management processes in certificate based public key setting, Shamir [9] in 1984, called for identity-based (ID-based) encryption and signature methods. Thenceforth, in the scope of this commonly-named ID-based cryptography, scores of identity-based cryptography techniques were put forward, such as the works of [10, 11]. The remarkably prominent tool has proposed bilinear pairing [10] in constructing identity-based cryptography primitives, where ID-based could be substituted for certificate-based in public key setting. This is of a special interest particularly when there is a requirement for efficient key management while moderate security is needed. The entire developed literature put forward on ID-based threshold group signature contains approaches that rely on an individual hard problem such as factoring,

Lecture Notes in Computer Science, 2003

A (t, n) threshold signature scheme allows t or more group members to generate signatures on behalf of a group with n members, while any t − 1 or less members cannot do the same thing. In 2001, based on a variant of ElGamal digital signature scheme, Li et al. proposed two (t, n) threshold signature schemes with traceable signers. One of their schemes needs the assistance of a mutually trusted center, while the other does not. In this paper, we present a security analysis on their schemes. We first point out that in fact signers in their schemes are untraceable, since anybody can convert a valid threshold signature into a new one such that another subset of group members will be wrongly considered as the signers of the new threshold signature for the same message. Furthermore, we demonstrate an attack to show that their second threshold signature scheme is insecure. In our attack, (n − t + 1) colluding members can control the group secret key. Therefore, they can generate valid threshold signature for any message without the help of other members. Furthermore, honest members cannot detect this security flaw in the system, since any t members can generate threshold signatures according to the prescribed protocols.