How to balance privacy with authenticity
In several occasions, it is important to consider the privacy of an individual togetherwith the authenticity of the message produced by that individual or hold by that individual.In the latter scenario, the authenticity of the message enables one to prove that the message that he/sheholds is authentic to other people. Nonetheless, this will normally incur that theprivacy of the signer will be exposed at the same time.In this paper, we consider a situation where the authenticity of the message willbe ensured together with the privacy of the signature holder, if and only if thesignature is designated once to a third party. However, as soon as thereis more than one designation occurs, then the privacy of the signer (and the signatureholder) will cease. We consider real scenarios where this type of notion is required.We formalize this notion as a one-time universal designated verifier signature,and for the first time in the literature, we provide a concrete scheme to realize thisprimitive.