• strong designated verifier signature;
  • nondelegatability;
  • existential unforgeability;
  • identity-based signature


Strong designated verifier signature (SDVS) makes it possible for a signer to convince a designated verifier that he or she has signed a message in such a way that the designated verifier cannot transfer the signature to any third party and no third party can even verify the validity of the signature. Recently, Kang et al. proposed an identity-based SDVS (IBSDVS) scheme that is claimed to be unforgeable and strong. However, in this paper, we show that their scheme is actually forgeable, delegatable, and not strong. We then propose an improved efficient IBSDVS scheme with short signature size and provide formal security proofs based on the computational Diffie–Hellman assumption in the random oracle model. We also show that the performance of our scheme outperforms all the existing IBSDVS schemes known in the literature. Furthermore, we propose an extension of our scheme achieving the stronger notion of nondelegatability and provide formal security proofs. The extended scheme is also showed to achieve high efficiency and short signature size. Copyright © 2012 John Wiley & Sons, Ltd.