Key-Privacy in Public-Key Encryption
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Security of Signature Schemes in a Multi-User Setting
Designs, Codes and Cryptography
Certificateless signature: a new security model and an improved generic construction
Designs, Codes and Cryptography
Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups
Journal of Cryptology
Information Security and Cryptology
Anonymous signatures made easy
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Invisibility and anonymity of undeniable and confirmer signatures
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography
Provably secure convertible undeniable signatures with unambiguity
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Hi-index | 0.00 |
We revisit the notion of the anonymous signature, first formalized by Yang, Wong, Deng and Wang [10], and then further developed by Fischlin [4] and Zhang and Imai [11]. We present a new formalism of anonymous signature, where instead of the message, a part of the signature is withheld to maintain anonymity. We introduce the notion unpretendability to guarantee infeasibility for someone other than the correct signer to pretend authorship of the message and signature. Our definition retains applicability for all previous applications of the anonymous signature, provides stronger security, and is conceptually simpler. We give a generic construction from any ordinary signature scheme, and also show that the short signature scheme by Boneh and Boyen [2] can be naturally regarded as such a secure anonymous signature scheme according to our formalism.