Digital signature schemes with restriction on signing capability

Jung Yeon Hwang, Hyun Jeong Kim, Dong Hoon Lee, Jongin Lim

Research output: Contribution to journalConference articlepeer-review

10 Citations (Scopus)


In some practical circumstances, the ability of a signer should be restricted. In group signature schemes, a group member may be allowed to generate signatures up to a certain number of times according to his/her position in the group. In proxy signature schemes, an original signer may want to allow a proxy signer to generate a certain number of signatures on behalf of the original signer. In the paper, we discuss signature schemes, called c-times signature schemes, that restrict the signing ability of a signer up to c times for pre-defined value c at set-up. We formally define the notion and the security model of c-times signature schemes. In fact, c-times signature schemes can be classified into two types according to restriction features: one with an explicit limitation, called a c-times signature scheme, and the other with an implicit limitation, called an implicit c-times signature scheme. We present two instances of implicit c-times signature schemes and then give proofs of the security. For one instance we suggest cS which is a composition of a signature scheme S based on the discrete logarithm and Feldman's VSS. For the other we present c DSA based on DSA. Our basic approach can be applied to signature schemes such as HVZK based signature schemes.

Original languageEnglish
Pages (from-to)324-335
Number of pages12
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2727 LNCS
Publication statusPublished - 2003
Event8th Australasian Conference on Information Security and Privacy, ACISP 2003 - Wollongong, NSW, Australia
Duration: 2003 Jul 92003 Jul 11

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Digital signature schemes with restriction on signing capability'. Together they form a unique fingerprint.

Cite this