Nonrepudiable Proxy Signature Schemes

Nonrepudiable Proxy Signature Schemes (1997)

Cached

Download Links

[www.cl.cam.ac.uk]

by Kan Zhang

Citations:

2 - 0 self

BibTeX

@TECHREPORT{Zhang97nonrepudiableproxy,
    author = {Kan Zhang},
    title = {Nonrepudiable Proxy Signature Schemes},
    institution = {},
    year = {1997}
}

Bookmark

OpenURL

Abstract

. Delegation of rights is a common practice in the real world. Proxy signature schemes have been invented to delegate signing capability efficiently and transparently. Existing proxy signature schemes don't support nonrepudiation. Nonrepudiation means signature signer, both the original and proxy signers, cannot falsely deny later that he generated a signature. In practice, it is important and, sometimes, necessary to have the capability to decide who is the actual signer of a proxy signature for internal auditing purpose or when there is abuse of signing capability. In this paper, we show how to add nonrepudiation to existing proxy signature schemes. Nonrepudiation is achieved through a partially blind signature key generation protocol adapted from a fully blind signature scheme. The new nonrepudiable proxy signature scheme fits in the same general framework as existing ones. Therefore, the desirable properties of existing schemes can also be said about our new scheme. In...

Citations

961	A public key cryptosystem and a signature scheme based on discrete logarithms - ElGamal - 1985
432	Group Signatures - Chaum, Heijst - 1991
368	Security without identification: Transaction systems to make big brother obsolete - Chaum - 1985
356	signatures for untraceable payments - Chaum - 1983
312	Tamper Resistance - A Cautionary Note - Anderson - 1996
256	An improved algorithm for computing logarithms over GF (p) and its cryptographic significance - Pohlig, Hellman - 1978
108	Proxy-based authorization and accounting for distributed systems - NEUMAN - 1991
82	Message recovery for signature schemes based on the discrete logarithm problem - Nyberg - 1994
79	Proxy Signatures for Delegating Signing Operation - Mambo, Usada, et al. - 1996
72	Designated confirmer signatures - Chaum - 1994
46	A New Signature Scheme Based on the DSA Giving Message Recovery - Nyberg, Rueppel - 1993
29	Meta Message Recovery and Meta Blind Signature Schemes based on the Discrete Logarithm Problem and Their Applications - Horster, Petersen
28	Designated Confirmer Signatures and Public-Key Encryption are Equivalent - Okamoto - 1994
16	New digital signature scheme Based on Discrete - Yen, Laih - 1993
6	New digital signature scheme based on discrete logarithm - Nyberg - 1994
5	An Analysis of the Proxy - Varadharajan, Allen, et al. - 1991
2	Comment: New digital signature scheme based on discrete logarithm - Boyd - 1994
2	selects ~ k 2 Zq , computes ~ r = g ~ k (mod p), and sends ~ r to Bob - Alice
2	randomly selects ff 2 Zq and fi 2 Z q , computes r = mg ff ~ r fi (mod p) and ~ m = rfi \Gamma1 (mod q): (b) Bob checks whether ~ m 2 Z q . If this is not the case, he goes back to step a). Otherwise, he sends ~ m to Alice - Bob
2	computes ~ s = ~ mx+ ~ k(mod q) and forwards ~ s to Bob - Alice
2	computes s = ~ sfi + ff(mod q): The pair (r; s) is a Nyberg-Rueppel signature of the message m and the above protocol is a blind signature scheme - Bob
1	The Blinding of Weak Signatures - Franklin, Yung - 1995