Chaum's Designated Confirmer Signature Revisited

This article revisits the original designated confirmer signature scheme of Chaum. Following the same spirit we naturally extend the Chaum's construction in a more general setting and analyze its security in a formal way. We prove its security in the random oracle model by using a random hash function and a random permutation. We notably consider the confirmer as an attacker against the existential forgery under an adaptive chosen-message attack. This security property is shown to rely on the hardness of forging signatures in a universal way of a classical existentially forgeable signature scheme. Furthermore, we show that the invisibility of the signatures under a non-adaptive chosen-message (aka lunchtime) attack relies on some invisibility properties of an existentially forgeable undeniable signature scheme. The existence of this cryptographic primitive is shown equivalent to the existence of public-key cryptosystems. It is also interesting to see that this article confirms the security of Chaum's scheme since our construction is a natural generalization of this scheme.

Published in:
Information Security, 8th International Conference, ISC 2005, 3650, 164-178
Presented at:
Information Security, 8th International Conference, ISC 2005, Singapore, September 20-23, 2005
Other identifiers:

 Record created 2007-01-19, last modified 2018-03-17

Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)