Formal definition and construction of nominative signature



Publication Details

Liu, D. Y. W., Wong, D. S., Huang, X., Wang, G., Huang, Q., Mu, Y. & Susilo, W. (2007). Formal definition and construction of nominative signature. H. Imai, S. Qing & G. Wang In International Conference on Information and Communications Security, 12-15 December, Zhengzhou, China. Lecture Notes in Computer Science, 4861 57-68.


Since the introduction of nominative signature in 1996, thereare three problems that have still not been solved. First, there is no convincingapplication proposed; second, there is no formal security modelavailable; and third, there is no proven secure scheme constructed, giventhat all the previous schemes have already been found flawed. In thispaper, we give positive answers to these problems. First, we illustratethat nominative signature is a better tool for building user certificationsystems which were originally implemented using universal designatedverifiersignature. Second, we propose a formal definition and adversarialmodel for nominative signature. Third, we show that Chaums undeniablesignature can be transformed to an efficient nominative signatureby simply using a standard signature. The security of our transformationcan be proven under the standard number-theoretic assumption

Please refer to publisher version or contact your library.



Link to publisher version (DOI)