A fair concurrent signature scheme based on identity
HPCA'09 Proceedings of the Second international conference on High Performance Computing and Applications
| Hi-index | 0.00 |
The concept of concurrent signatures was introduced by Chen, Kudla and Paterson in their seminal paper in Eurocrypt 2004 which allows two entities to produce two signatures in such a way that, the signer of each signature is ambiguous from any third party's point of view until the release of a secret, known as the keystone. Once the keystone is released, both signatures become binding to their respective signers concurrently. Later, a stronger notion called perfect concurrent signatures with two concrete schemes was proposed by Susilo, Mu and Zhang. In perfect concurrent signatures, although both signers are known to be trustworthy, the two signatures are still ambiguous to any third party. Unfortunately, Susilo et al.'s schemes are unfair. In this paper, we first show that in their schemes the initial signer can cheat the matching signer by carefully choosing some communication value and then propose fair perfect concurrent signature protocol to fix our attacks.