Efficient Confirmer Signatures from the ``Signature of a Commitment'' Paradigm
Laila El Aimani (cosec - b-it)
Thursday 04 October 2010, 15.00, b-it 1.25 (cosec meeting room)
Generic constructions of designated confirmer signatures follow one of the following two strategies; either produce a digital signature on the message to be signed, then encrypt the resulting signature, or produce a commitment on the message, encrypt the string used to generate the commitment and finally sign the latter.
We study the second strategy by determining the exact security property needed in the encryption to achieve secure constructions. This study infers the exclusion of a useful type of encryption from the design due to an intrinsic weakness in the paradigm. Next, we propose a simple method to remediate to this weakness and we get efficient constructions which can be used with \emph{any} digital signature.
Keywords: Designated Confirmer signatures, ``Signature of a commitment'' paradigm, Generic construction, Reduction/meta-reduction, Zero Knowledge.