In some practical circumstances, the ability of a signer should be restricted. In group signature schemes, a group member may be allowed to generate signatures up to a certain number of times according to his/her position in the group. In proxy signature schemes, an original signer may want to allow a proxy signer to generate a certain number of signatures on behalf of the original signer. In the paper, we discuss signature schemes, called c-times signature schemes, that restrict the signing ability of a signer up to c times for pre-defined value c at set-up. We formally define the notion and the security model of c-times signature schemes. In fact, c-times signature schemes can be classified into two types according to restriction features: one with an explicit limitation, called a c-times signature scheme, and the other with an implicit limitation, called an implicit c-times signature scheme. We present two instances of implicit c-times signature schemes and then give proofs of the security. For one instance we suggest cS which is a composition of a signature scheme S based on the discrete logarithm and Feldman's VSS. For the other we present c DSA based on DSA. Our basic approach can be applied to signature schemes such as HVZK based signature schemes. © 2003 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Hwang, J. Y., Kim, H. J., Lee, D. H., & Lim, J. (2003). Digital signature schemes with restriction on signing capability. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2727 LNCS, pp. 324–335). https://doi.org/10.1007/3-540-45067-X_28
Mendeley helps you to discover research relevant for your work.