Efficient Deniable Authentication for Signatures, Application to Machine-Readable Travel Document

Releasing a classical digital signature faces to privacy issues. Indeed, there are cases where the prover needs to authenticate some data without making it possible for any malicious verifier to transfer the proof to anyone else. It is for instance the case for e-passports where the signature from the national authority authenticates personal data. To solve this problem, we can prove knowledge of a valid signature without revealing it. This proof should be non-transferable. We first study deniability for signature verification. Deniability is essentially a weaker form of non-transferability. It holds as soon as the protocol is finished (it is often called offline non-transferability). We introduce Offline Non-Transferable Authentication Protocol (ON-TAP) and we show that it can be built by using a classical signature scheme and a deniable zero-knowledge proof of knowledge. For that reason, we use a generic transform for Σ-protocols. Finally, we give examples to upgrade signature standards based on RSA or ElGamal into an ONTAP. Our examples are well-suited for implementation in e-passports.

Published in:
Applied Cryptography and Network Security, 7th International Conference, 5536, 272-291
Presented at:
ACNS '09: the International Conference on Applied Cryptography and Network Security, Paris-Rocquencourt, France, June 2-5, 2009
Springer Berlin / Heidelberg

 Record created 2009-06-05, last modified 2019-12-05

Download fulltextPDF
External link:
Download fulltextURL
Rate this document:

Rate this document:
(Not yet reviewed)