Minimum disclosure proofs of knowledge
Journal of Computer and System Sciences - 27th IEEE Conference on Foundations of Computer Science October 27-29, 1986
Zero-knowledge undeniable signatures (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
CRYPTO '89 Proceedings on Advances in cryptology
ICICS '97 Proceedings of the First International Conference on Information and Communication Security
Convertible Undeniable Signatures
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Designated Confirmer Signatures and Public-Key Encryption are Equivalent
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
RSA-Based Undeniable Signatures
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
How to Convert any Digital Signature Scheme into a Group Signature Scheme
Proceedings of the 5th International Workshop on Security Protocols
Designated verifier proofs and their applications
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Hi-index | 0.00 |
The undeniable signature, introduced by Chaum et al. in 1989, provides a nice property that the signer has an additional control over who will benefit from being convinced by the signature. However, a conspicuous drawback of undeniable signature is that the signer may be unavailable or refuse to cooperate. Chaum in 1994 proposed a designated confirmer signature scheme to protect the recipient's right. There exists a confirmer, who can always help the recipient prove the validity of the signature to others. Unfortunately, Chaum's paper did not consider that a malicious confirmer proves the validity of the signature to any persons as his will or even leaks the sensitive information to the signer's enemies. This paper proposes a new signature scheme called proxy confirmation signature where the proxy confirmer can only acquire a temporary proxy confirmation capability instead of a perpetual one from the signer. That is, the signer not only can delegate the confirmation capability to the proxy confirmer, but also can revoke the proxy confirmer's capability for avoiding the abuse. Moreover, our scheme also provides a technique to properly restrict the proxy confirmer to convincing only some specified verifiers that the signature is valid.