Gradually convertible undeniable signatures (Michels-Petersen-Horster convertible undeniable signatures revisited)

Abstract

In 1990, Boyar, Chaum, Damgård and Pedersen introduced convertible undeniable signatures which limit the self-authenticating property of digital signatures but can be converted by the signer to ordinary signatures. Michels, Petersen and Horster presented, in 1996, an attack on the Elgamal-based seminal scheme of Boyar et al. and proposed a repaired version without formal security analysis. In this paper, we modify their protocol so that it becomes a generic one and it provides an advanced feature which permits the signer to universally convert achronously all signatures pertaining to a specific time period. We supply a formal security treatment of the modified scheme: we prove, in the generic group model, that the protocol is existentially unforgeable and anonymous under chosen message attacks, assuming new assumptions (though reasonable) on the underlying hash function. © Springer-Verlag Berlin Heidelberg 2007.