Design And Analyses Of Concurrent Signature Schemes Based On Designated Verifiers

Digital signature is one of the main development directions of E-commerce. With the rapid development of computer and communication networks, digital signature has played a very important role in the aspects of information security, identity authentication, non-repudiation, data integrity and so on. Concurrent signature is a special kind of digital signatures, which doesn't need any trusted third party (TTP) or many interactive rounds to achieve the fair exchange of signatures. Based on its two salient advantages, concurrent signature is widely used in the activities of anonymous election selection, e-government, electronic cash system, electronic contract signing, fair exchange paying and so on.With the hardness of the CDH problem, two concurrent signature schemes based on designated verifier signature schemes are designed:a fair concurrent signature scheme and a multi-party concurrent signature scheme based on designated verifiers. Compared with previous concurrent signature schemes, the concurrent signature scheme can effectively improve the fairness between participants. And the important information (keystone) released by the initial signature is extended to the two entities for preventing the initial signer from cheating the matching one. The matching signer can also master the keystone to change the unfair treatment. Once the concurrent signature scheme is playing, two participants don't need to require any prior exchange of secret information. Hence, the efficiency of the concurrent signature scheme is improved. Compared with previous multi-party concurrent signature (MPCS) schemes, the MPCS scheme based on designated verifiers has improved effectively in two aspects of fairness and efficiency. The more important point is that the MPCS scheme has a good scalability. The MPCS algorithm not only can be easily used between two signers, but also can be used among three or more signers. In other words, the scenarios of the concurrent signature can be easily applied from two-party to multi-party (or from multi-party to two-party), in which the security assumption and performance proof means can be proved in the same way.