How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Divertible zero knowledge interactive proofs and commutative random self-reducibility
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Trustee-based tracing extensions to anonymous cash and the making of anonymous change
Proceedings of the sixth annual ACM-SIAM symposium on Discrete algorithms
Making unfair a "fair" blind signature scheme
ICICS '97 Proceedings of the First International Conference on Information and Communication Security
SAC '99 Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography
Digital Payment Systems with Passive Anonymity-Revoking Trustees
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Provably Secure Partially Blind Signatures
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Digital Signature Scheme Based on an Elliptic Curve Over the Ring Zn
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Security of Blind Digital Signatures (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Practical Secret Voting Scheme for Large Scale Elections
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
"Indirect Discourse Proof": Achieving Efficient Fair Off-Line E-cash
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
A Secure Three-Move Blind Signature Scheme for Polynomially Many Signatures
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Provably Secure Blind Signature Schemes
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Threshold Cryptosystems Secure against Chosen-Ciphertext Attacks
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Provably Secure Fair Blind Signatures with Tight Revocation
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroupp
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient concurrent zero-knowledge in the auxiliary string model
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Concurrently-secure blind signatures without random oracles or setup assumptions
TCC'07 Proceedings of the 4th conference on Theory of cryptography
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Efficient blind signatures without random oracles
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Foundations of group signatures: the case of dynamic groups
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Defeating malicious servers in a blind signatures based voting system
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
Concurrent blind signatures without random oracles
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Round-optimal composable blind signatures in the common reference string model
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Efficient blind and partially blind signatures without random oracles
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Fair blind signatures without random oracles
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Fair partially blind signatures
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Group signatures with controllable linkability for dynamic membership
Information Sciences: an International Journal
Hi-index | 0.00 |
This paper presents a formal model for fair blind signature schemes and a provably secure scheme based on bilinear maps. A blind signature scheme is a protocol for obtaining a signature on a message which is unknown from the signer. Furthermore, the signer cannot link his transcript of a protocol to the resulting message-signature pair. Fair blind signatures were introduced by Stadler et al. at Eurocrypt'95 in [37]. A fair blind signature scheme is a blind signature scheme allowing two types of blindness revocation: link a signature to the session which conducted this signature (Session Tracing) or, conversely, identify a signature knowing a signing session (Signature Tracing). Various fair blind signature schemes have been proposed in the past years, but none of them presents a secure fair blind signature scheme that allows polynomially many signatures to be securely issued, even if Abe et al.'s claimed it in [3]. In this paper, we first show a flaw in the blindness of most (fair) blind signature schemes where the signer is able to link signatures if he chooses his keys in an appropriate way. Then, we show a flaw in the proof of unforgeability of Abe et al.' scheme and propose a stronger security model than theirs. It possesses all the needed properties for fair blind signature schemes: blindness, traceability and non frameability for both revocations (the one-more unforgeability is implied by these properties). Finally, we describe a new fair blind signature scheme based on bilinear maps. This scheme thwarts the flaw against previous blind signatures and is proved secure in the random oracle model with respect to our model.