A Forward-Secure Blind Signature Scheme Based on the Strong RSA Assumption

Abstract: Abstract. Key exposures bring out very serious problems in security services. Especially, it is more severe in the applications such as electronic cash or electronic payment where money is directly involved. Forward secrecy is one of the security notions addressing the key exposure issues. Roughly speaking, forward secrecy is aimed to protect the validity of all actions using the secret key before the key exposure. In this paper, we investigate the key exposure problem in blind signature (with an application t… Show more

“…We now formalize the definition and security requirements of forward-secure identity-based blind signature (FSIBBS) in Refs. [7,48]. Here, the whole lifetime of the system is divided into N time periods labeled 0,1, , 1.…”

“…We give the security requirements for FSIBBS in [7,49]. Blindness: Let S be a signer or any adversary that controls the signer and U 0 , U 1 be two honest users.…”

“…The initial signing secret key is 0 SK and at the end of time period i, a new signing secret key 1 i SK + is computed for the next time period i+1 using the signing secret key i SK and then i SK is deleted. Forward-secure blind signature (FSBS) was introduced by Duc et al [7] to preserve the validity of past blind signatures and prevent a forger from forging past blind signatures even if current signing secret key has been compromised. A large number of FSBS schemes [8][9][10][11][12] have been proposed so far based on large integer factoring or discrete logarithms.…”

Forward-Secure Identity-Based Shorter Blind Signature from Lattices

“…We now formalize the definition and security requirements of forward-secure identity-based blind signature (FSIBBS) in Refs. [7,48]. Here, the whole lifetime of the system is divided into N time periods labeled 0,1, , 1.…”

“…We give the security requirements for FSIBBS in [7,49]. Blindness: Let S be a signer or any adversary that controls the signer and U 0 , U 1 be two honest users.…”

“…The initial signing secret key is 0 SK and at the end of time period i, a new signing secret key 1 i SK + is computed for the next time period i+1 using the signing secret key i SK and then i SK is deleted. Forward-secure blind signature (FSBS) was introduced by Duc et al [7] to preserve the validity of past blind signatures and prevent a forger from forging past blind signatures even if current signing secret key has been compromised. A large number of FSBS schemes [8][9][10][11][12] have been proposed so far based on large integer factoring or discrete logarithms.…”

Forward-Secure Identity-Based Shorter Blind Signature from Lattices

“…A 0 B 0 C 3 D 1 E 0 ID-based restrictive blind signature [43] A 0 B 0 C 5 D 1 E 0 ID-based partially blind signature [44] A 0 B 0 C 7 D 1 E 0 ID-based restrictive partially blind signature [43] A 3 B 0 C 0 D 0 E 1 forward-secure group signature [45] A 5 B 0 C 0 D 0 E 1 forward-secure ring signature [46] A 9 B 0 C 0 D 0 E 1 forward-secure proxy signature [47] A 0 B 0 C 1 D 0 E 1 forward-secure blind signature [48] …”

Classification of signature-only signature models

“…DUC-CHEON-KIM SIGNATURE SCHEME AND ANALYSISA. Duc-Cheon-Kim Signature SchemeIn order to alleviate the severe consequences brought by the secret key leak, Anderson proposed the concept of forward security signature scheme [7]. is a example of forward security blind signature scheme.System Construction: First two big security prime numbers ÷ means if a qb r = + , then a b q ÷ = ).…”

A New Attack Method on Digital Signature Scheme