Abstract
In contrast to ordinary digital signatures, the verification of undeniable signatures and of confirmer signatures requires the cooperation of the signer or of a designated confirmer, respectively. Various schemes have been proposed so far, from practical solutions based on specific number-theoretic assumptions to theoretical constructions using basic cryptographic primitives. To motivate the necessity of new and provably secure constructions for confirmer signatures, we first describe a flaw in a previous realization by Okamoto. We then present two generic constructions for designing provably secure and efficient confirmer variants of many well-known signature schemes, including the schemes by Schnorr, Fiat and Shamir, ElGamal, and the RSA scheme. The constructions employ a new tool called confirmer commitment schemes. In this concept the ability to open the committed value is delegated to a designated confirmer. We present an efficient realization based on the Decision-Diffie-Hellman assumption.
Author supplied keywords
Cite
CITATION STYLE
Michels, M., & Stadler, M. (1998). Generic constructions for secure and efficient confirmer signature schemes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1403, pp. 406–421). Springer Verlag. https://doi.org/10.1007/BFb0054142
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
