Conditional digital signatures

Quantified Score

Visualization

Abstract

We consider conditional digital signatures (CDS for short). According to this scheme a creator of a CDS signature, say Alice, signs a message M1 conditioned by a Bob's signature of M2. The string created by Alice can be transformed into an Alice's digital signature of M1, once we are given a signature of M2 generated by Bob. Until the moment of creating a Bob's signature of M2, Alice's signature of M1 does not exist in a technical sense. This differs from the previous solutions where merely a condition about M2 has been included into a message signed by Alice. The key feature of our scheme is that Alice prepares the CDS signature before Bob actually signs M2. We propose two CDS schemes – the first one prohibits checking that a signature of M1 has been prepared by Alice until Bob signs M2. In the second case, Alice can prove interactively that the string created hides a CDS signature of some form, but the proof is useless for a third party. We present applications of CDS signatures in business and European legal frameworks. In particular, CDS schemes can be used to build a system in which a signature can be retrieved at a given future date. This feature requires only an institution signing periodically the current time. The scheme is also quite useful for wireless mobile networks, where unreliability of communication may cause many problems. CDS scheme may be used there for signing in advance even if a protocol requires a fixed sequential schedule.