Security of Blind Signatures Revisited
Related papers
Concurrent Blind Signatures Without Random Oracles
Lecture Notes in Computer Science, 2006
We present a blind signature scheme that is efficient and provably secure without random oracles under concurrent attacks utilizing only four moves of short communication. The scheme is based on elliptic curve groups for which a bilinear map exists and on extractable and equivocable commitments. The unforgeability of the employed signature scheme is guaranteed by the LRSW assumption while the blindness property of our scheme is guaranteed by the Decisional Linear Diffie-Hellman assumption.
Universally Composable Blind Signatures
2006
This paper shows that the security of blind signatures is, as defined by Juels, Luby and Ostrovsky, truly weaker than the security in the universal composability (UC) framework (i.e., define the ideal functionality of blind signatures), which was introduced by Canetti. That is, we formulate the security of blind signatures in the UC framework, and show that the class of UC-secure blind signatures is a proper subset of that of secure (in the sense of Juels et al.) blind signatures. In addition, we introduce a stronger security definition (stronger blindness; SB-security) of blind signatures than that by Juels et al. and show that SB-security is more suitable in many applications than Juels et al.'s. This paper then shows that SB-security of blind signatures is also truly weaker than the security in the UC framework.
Provably Secure Partially Blind Signatures
Advances in Cryptology — CRYPTO 2000, 2000
Partially blind signature schemes are an extension of blind signature schemes that allow a signer to explicitly include necessary information (expiration date, collateral conditions, or whatever) in the resulting signatures under some agreement with the receiver. This paper formalizes such a notion and presents secure and efficient schemes based on a widely applicable method of obtaining witness indistinguishable protocols. We then give a formal proof of security in the random oracle model. Our approach also allows one to construct secure fully blind signature schemes based on a variety of signature schemes.
Journal of Computer Security, 2013
Blind signatures allow users to obtain signatures on messages hidden from the signer; moreover, the signer cannot link the resulting message/signature pair to the signing session. This paper presents blind signature schemes, in which the number of interactions between the user and the signer is minimal and whose blind signatures are short. Our schemes are defined over bilinear groups and are proved secure in the common-reference-string model without random oracles and under standard assumptions: CDH and the decision-linear assumption. (We also give variants over asymmetric groups based on similar assumptions.) The blind signatures are Waters signatures, which consist of 2 group elements. Moreover, we instantiate partially blind signatures, where the message consists of a part hidden from the signer and a commonly known public part, and schemes achieving perfect blindness. We propose new variants of blind signatures, such as signer-friendly partially blind signatures, where the public part can be chosen by the signer without prior agreement, 3-party blind signatures, as well as blind signatures on multiple aggregated messages provided by independent sources. We also extend Waters signatures to non-binary alphabets by proving a new result on the underlying hash function.
IACR Cryptol. ePrint Arch., 2017
We propose a novel cryptographic primitive called conditional blind signatures. Our primitive allows a user to request blind signatures on messages of her choice. The signer has a secret Boolean input which determines if the supplied signature is valid or not. The user should not be able to distinguish between valid and invalid signatures. A designated verifier, however, can tell which signatures verify correctly, and is in fact the only entity who can learn the secret input associated with the (unblinded) signed message. We instantiate our primitive as an extension of the Okamoto-Schnorr blind signature scheme and provide variations to fit different usage scenarios. Finally, we analyze and prove the security properties of the new scheme and explore potential applications.
Security of Blind Digital Signatures (Extended Abstract)
Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, 1997
Blind digital signatures were introduced by Chaum. In this paper, we show how security and blindness properties for blind digital signatures can be simultaneously defined and satisfied in the common reference string model, assuming an arbitrary one-way trapdoor permutation family. Thus, this paper presents the first complexity-based proof of security for blind signatures.
Blind signatures based on the discrete logarithm problem
1995
In [Harn95], Harn claims that the signature schemes in [CaPS94] and [HoMP94] are not true blind signatures. In this comment, we prove that this claim is fortunately totally wrong. His attempt to cryptanalyse the schemes in [CaPS94, HoMP94] is incorrect, as the proposed relationship, which is used to trace the signature by the signer, is an invariant that is satisfied by any two pairs of signed messages.
Cryptanalysis of Blind Signature Schemes
International Journal of Computer Applications, 2013
Security of the consumer's data over the internet is the major problem in present time. In this paper we have analyzed blind signature schemes based on RSA and taking advantage of elliptic curve cryptography to achieve the security goals. A blind signature scheme is one of the security protocols to obtain a signature from a signer such that the signer signs the message without reading the content of the message and also could not link the protocol with the resulting message-signature pair [7]. A blind signature scheme is used to achieve certain security goals like blindness, untraceability, authenticity, unforgeability [1]. We have analyzed a blind signature scheme to achieve the security goals using an Elliptic Curve Cryptosystem. Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was initially presented by Neal Koblitz and Victor S. Miller. An elliptic curve cryptosystem has advantages in terms of smaller key size and lower computational overhead in comparison with a public key cryptosystem [2]. Many researchers have presented secure blind signature schemes with their own goals and limitations. Two properties a blind signature scheme should hold: digital signature and blind signature. By using the concept of the Elliptic Curve Cryptosystem and a blinding algorithm, the signer generates the blind signature without reading the content of the message [5]. The scheme avoids collision between different digital signatures generated by the same signer. The blind signature is a secure technique that can be applied in e-business and other applications. Blind signature schemes are widely used for various applications of e-commerce like digital payment systems and electronic voting systems etc., where maintaining the privacy of the consumer is necessary [9].
VARIANTS OF BLIND SIGNATURES - A PRACTICAL AUTHENTICATION SCHEME
Blind signature is a variant of digital signature which helps the user to obtain a signature without giving any information about the message to the signer and the signer cannot tell which session of the signing protocol corresponds to which message. Blind signatures may seem to be a myth; it is a practical reality due to its wide applications in real life like e-coin and e-voting. This paper focuses on the study of variants of blind signatures with its eminent real world applications. It also discusses the future research scope of blind signatures.
Linkability of Some Blind Signature Schemes
Lecture Notes in Computer Science, 2007
Unforgeability and blindness are two important properties of blind signature. The latter means that after interacting with various users, the signer is unable to link a valid message-signature pair. In ICCSA 2006, Zhang et al. showed that a signer in an identity-based blind signature scheme proposed by Huang et al. is able to link a valid message-signature pair obtained by some user. They also presented an improved scheme to overcome this flaw. In ICICIC 2006, Zhang and Zou showed that the identity-based blind signature scheme proposed by Zhang and Kim also suffered from the similar linkability attack. In this paper, we first show that the so-called linkability can be shown for Zhang et al.'s improved scheme as well. We then point out that the linkability attack against the Huang et al. scheme and the Zhang-Kim scheme is invalid.