Abstract
In some practical circumstances, the ability of a signer should be restricted. In group signature schemes, a group member may be allowed to generate signatures up to a certain number of times according to his/her position in the group. In proxy signature schemes, an original signer may want to allow a proxy signer to generate a certain number of signatures on behalf of the original signer. In the paper, we discuss signature schemes, called c-times signature schemes, that restrict the signing ability of a signer up to c times for pre-defined value c at set-up. We formally define the notion and the security model of c-times signature schemes. In fact, c-times signature schemes can be classified into two types according to restriction features: one with an explicit limitation, called a c-times signature scheme, and the other with an implicit limitation, called an implicit c-times signature scheme. We present two instances of implicit c-times signature schemes and then give proofs of the security. For one instance we suggest cS which is a composition of a signature scheme S based on the discrete logarithm and Feldman's VSS. For the other we present c DSA based on DSA. Our basic approach can be applied to signature schemes such as HVZK based signature schemes.
Original language | English |
---|---|
Pages (from-to) | 324-335 |
Number of pages | 12 |
Journal | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
Volume | 2727 LNCS |
DOIs | |
Publication status | Published - 2003 |
Event | 8th Australasian Conference on Information Security and Privacy, ACISP 2003 - Wollongong, NSW, Australia Duration: 2003 Jul 9 → 2003 Jul 11 |
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science