Designated condition one-time signatures
In this paper, a new notion of designated condition one-time signatures (DCOTS) is proposed. For a DCOTS scheme, the signer can generate at most one signature for each condition. For example, the signer can generate at most one signature for each day. If the signer generates two signatures for the same condition, the private key will be severely threatened. Specifically, given two DCOTS signatures for the same condition c and then a DCOTS signature for a new condition c′, one can generate the DCOTS signature on any message for the condition c′. We formally define the notion and the security model for DCOTS signatures. We propose a DCOTS signature scheme based on bilinear parings, and prove its security under the CDH assumption in the random oracle model. We show that a k-times signature scheme and a designated condition k-times signature scheme can be easily derived from a DCOTS signature scheme. Some possible applications of DCOTS signatures are discussed.