Abstract
The only known blind signature scheme that is secure in the standard model [19] is based on general results about multi-party computation, and thus it is extremely inefficient. The main result of this paper is the first provably secure blind signature scheme which is also efficient. We develop our construction as follows. In the first step, which is a significant result on its own, we devise and prove the security of a new variant for the Cramer-Shoup-Fischlin signature scheme. We are able to show that for generating signatures, instead of using randomly chosen prime exponents one can securely use randomly chosen odd integer exponents which significantly simplifies the signature generating process. We obtain our blind signing function as a secure and efficient two-party computation that cleverly exploits its algebraic properties and those of the Paillier encryption scheme. The security of the resulting signing protocol relies on the Strong RSA assumption and the hardness of decisional composite residuosity; we stress that it does not rely on the existence of random oracles.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Bellare, M., Boldyreva, A., Palacio, A.: An un-instantiable random-oracle-model scheme for a hybrid-encryption problem. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 171–188. Springer, Heidelberg (2004)
Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM CCS, pp. 62–73 (1993)
Camenisch, J., Michels, M.: Proving in zero-knowledge that a number n is the product of two safe primes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, p. 107. Springer, Heidelberg (1999)
Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)
Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. In: Proceedings of the 13th Annual ACM STOC, pp. 209–218 (1998)
Chaum, D.: Blind signatures for untraceable payments. In: Advances in Cryptology — Proceedings of CRYPTO 1982, pp. 199–203. Plenum Press, New York (1983)
Chaum, D.: Blind signature systems. In: Advances in Cryptology — CRYPTO 1983, p. 153. Plenum Press, New York (1984)
Cramer, R.: Modular Design of Secure yet Practical Cryptographic Protocol. PhD thesis, University of Amsterdam (1997)
Damgård, I.: Efficient concurrent zero-knowledge in the auxiliary string model. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 418. Springer, Heidelberg (2000)
Damgård, I., Fujisaki, E.: A statistically-hiding integer commitment scheme based on groups with hidden order. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 125–142. Springer, Heidelberg (2002)
de Bruijn, N.: On the number of positive integers ≤ x and free of prime factors > y. Nederl. Akad. Wetensch. Proceedings 53, 813–821 (1950)
Dickman, K.: On the frequency of numbers containing prime factors of a certain relative magnitude. Arkiv för Matematik, Astronomi och Fysik 22A(10) (1930)
Dwork, C., Naor, M., Sahai, A.: Concurrent zero-knowledge. In: Proceedings of the 30th Annual STOC, Dallas, TX, pp. 409–418. ACM Press, New York (1998)
Fiat, A., Shamir, A.: How to prove yourself: Practical solution to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
Fischlin, M.: The Cramer-Shoup Strong-RSA signature scheme revisited. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 116–129. Springer, Heidelberg (2002)
Fujiski, E., Okamoto, T.: Statistical zero-knowledge protocols to prove modular polynomial relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)
Goldwasser, S., Tauman, Y.: On the (in)security of the Fiat-Shamir transform. In: Proceedings of Foundations of Computer Science (2003)
Hildebrand, A.: On the number of positive integers ≤ x and free of prime factors > y. Journal of Number Theory 22, 289–307 (1986)
Juels, A., Luby, M., Ostrovsky, R.: Security of blind digital signatures. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 150–164. Springer, Heidelberg (1997)
Knuth, D.E., Pardo, L.T.: Analysis of a simple factorization algorithm. Theoretical Computer Science 3(3), 321–348 (1976)
MacKenzie, P., Reiter, M.K.: Two-party generation of DSA signatures. International Journal of Information Security 2(3) (2004)
Nielsen, J.B.: Separating random oracle proofs from complexity theoretic proofs: The non-committing encryption case. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 111. Springer, Heidelberg (2002)
Paillier, P.: Public-key cryptosystem based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)
Pointcheval, D., Stern, J.: Provably secure blind signature schemes. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, Springer, Heidelberg (1996)
Pointcheval, D., Stern, J.: New blind signatures equivalent to factorization. In: ACM CCS, pp. 92–99. ACM Press, New York (1997)
Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. Journal of Cryptology 13(3), 361–396 (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Camenisch, J., Koprowski, M., Warinschi, B. (2005). Efficient Blind Signatures Without Random Oracles. In: Blundo, C., Cimato, S. (eds) Security in Communication Networks. SCN 2004. Lecture Notes in Computer Science, vol 3352. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30598-9_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-30598-9_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24301-4
Online ISBN: 978-3-540-30598-9
eBook Packages: Computer ScienceComputer Science (R0)