Name
Abstract | ||
|---|---|---|
The main difference between confirmer signatures and ordinary digital signatures is that a confirmer signature can be verified only with the assistance of a semitrusted third party, the confirmer. Additionally, the confirmer can selectively convert single confirmer signatures into ordinary signatures. This paper points out that previous models for confirmer signature schemes are too restricted to address the case where several signers share the same confirmer. More seriously, we show that various proposed schemes (some of which are provably secure in these restricted models) are vulnerable to an adaptive signature-transformation attack. We define a new stronger model that covers this kind of attack and provide a generic solution based on any secure ordinary signature scheme and public key encryption scheme. We also exhibit a concrete instance thereof. |
Year | DOI | Venue |
|---|---|---|
2000 | 10.1007/3-540-45539-6_17 | EUROCRYPT |
Keywords | DocType | Volume |
confirmer signature scheme,various proposed scheme,secure ordinary signature scheme,public key encryption scheme,adaptive signature-transformation attack,confirmer signature,restricted model,adaptive adversary,ordinary signature,ordinary digital signature,single confirmer signature,public key encryption,digital signature,provable security | Conference | 1807 |
ISSN | ISBN | Citations |
0302-9743 | 3-540-67517-5 | 46 |
PageRank | References | Authors |
1.98 | 21 | 2 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Jan Camenisch | 1 | 6453 | 366.63 |
| Markus Michels | 2 | 635 | 57.87 |