Secure universal designated verifier identity-based signcryption

Authors


  • This paper is the extended version of the previous publication in proceedings of the sixth international conference on Network and System Security, LNCS 7645, 2012.

ABSTRACT

In 2003, Steinfeld et al. introduced the notion of universal designated verifier signature (UDVS), which allows a signature holder, who receives a signature from the signer, to convince a designated verifier whether he is possession of a signer's signature; at the same time, the verifier cannot transfer such conviction to anyone else. These signatures devote to protect the receiver's privacy, that is, the receiver may want to prove to any designated verifier who he is in possession of such signature signed by the known signer but reluctant to disclose it. Moreover, the receiver also does not want the verifier to be able to convince anyone that he is in possession of such signature. In the existing UDVS schemes, a secure channel is required between the signer and the signature holder to transfer the signature. This paper, for the first time, proposes the notion of universal designated verifier signcryption without this secure channel by combining the notions of UDVS and signcryption. We give the formal definitions and a concrete construction of universal designated verifier identity-based signcryption scheme. We also give the formal security proofs for our scheme under the random oracle model. Copyright © 2013 John Wiley & Sons, Ltd.

Ancillary