Multi-designated Verifiers Signatures [chapter]

Fabien Laguillaumie, Damien Vergnaud
2004 Lecture Notes in Computer Science  
Designated verifier signatures were introduced in the middle of the 90's by Jakobsson, Sako and Impagliazzo, and independenty patended by Chaum as private signatures. In this setting, a signature can only be verified by a unique and specific user. At Crypto'03, Desmedt suggested the problem of generalizing the designated verifier signatures. In this case, a signature should be intended to a specific set of different verifiers. In this article, we provide a formal definition of multi-designated
more » ... erifiers signatures and give a rigorous treatment of the security model for such a scheme. We propose a construction based on ring signatures, which meets our definition, but does not achieve the privacy of signer's identity property. Finally, we propose a very efficient bidesignated verifiers signature scheme based on bilinear maps, which protects the anonymity of signers.
doi:10.1007/978-3-540-30191-2_38 fatcat:nv7ik7ngejdsxmvjwztzs4cuvm