Security reconsideration of the Huang-Wang nominative signature |
| |
| Authors: | Hsi-Chung Lin Yi-Hsiung Huang |
| |
| Affiliation: | Laboratory of Cryptography and Information Security (LCIS), Department of Computer Science and Information Engineering, National Central University, Chung-Li, Taiwan 320, Taiwan, ROC |
| |
| Abstract: | To prevent potential misuse and to enhance privacy, signatures with restricted verifiability have been recently extensively discussed in the literature. Unlike undeniable signatures and designated verifier signatures, nominative signatures restrict the ability of signature verification and confirmation to a designated verifier only. In this paper, security issues of a nominative signature scheme proposed by Huang and Wang are reconsidered. The first result obtained is that the cryptanalysis reported recently by Susilo and Mu is shown to be incompletely correct; namely, the nominator in fact cannot verify but can only screen signatures, and therefore any third party should not be convinced by the confirmation done by the nominator. The second observation is that the scheme proposed by Huang and Wang may not be as strong as originally claimed. Nevertheless, the overall result is optimistic that the security properties provided by the Huang-Wang nominative signature scheme are sufficient for most applications. |
| |
| Keywords: | Interactive confirmation protocols Nominative signatures Privacy Signature screening Verification |
| 本文献已被 ScienceDirect 等数据库收录! |
|
