A forward-secure blind signature scheme based on the strong RSA assumption

Abstract

Key exposures bring out very serious problems in security services. Especially, it is more severe in the applications such as electronic cash or electronic payment where money is directly involved. Forward secrecy is one of the security notions addressing the key exposure issues. Roughly speaking, forward secrecy is aimed to protect the validity of all actions using the secret key before the key exposure. In this paper, we investigate the key exposure problem in blind signature (with an application to the electronic cash in mind) and propose a blind signature scheme which guarantees forward secrecy. Our scheme is constructed from the provably secure Okamoto-Guillou-Quisquater (OGQ for short) blind signature scheme. Using the forking lemma by Pointcheval and Stern [4], we can show the equivalence between the existence of a forger with the solvability of the strong RSA problem. Further we show that our scheme introduces no significant communication overhead comparing with the original OGQ scheme. © Springer-Verlag Berlin Heidelberg 2003.