General Certificateless Strong Designated Verifier Signature Schemes

Abstract: A certificateless strong designated verifier signature (CL-SDVS) may provide more convenient deployment than other SDVS schemes since user's public keys can be published freely and no key-escrow problem needed to be worried about. However, there are only several CL-SDVS schemes and their security is doubtable. This paper provides general CL-SDVS schemes and instances, and discusses their security briefly.

“…Assume there is a malicious adversary who has leaned the information of original fog node's private key. Given a fresh signature which has not been received by the verifying group, the adversary might try to distinguish the fog node's identity by checking whether equation (5) or equation (19) holds or not. However, in equation (5) or equation (19), there is a meta value N which could be rewritten as It should be noted that without knowing the random integer z chosen by the fog node, no one could derive the parameter N to perform equation (5) or equation (19) successfully.…”

“…Given a fresh signature which has not been received by the verifying group, the adversary might try to distinguish the fog node's identity by checking whether equation (5) or equation (19) holds or not. However, in equation (5) or equation (19), there is a meta value N which could be rewritten as It should be noted that without knowing the random integer z chosen by the fog node, no one could derive the parameter N to perform equation (5) or equation (19) successfully. In a more formal approach of proofs, we display that if there is an SSA-distinguisher D 1 against the proposed time-constrained SMDVS variant, we could construct a DDH-distinguisher D 2 to solve a random DDH instance of (P, aP, bP, C).…”

“…They also proved the basic security requirement of their scheme in the standard model. Up to present, various DVS variants 19–39 have been proposed. Still, none of existing DVS systems deals with the issue of lifetime of signing capability.…”

Time-constrained strong multi-designated verifier signature suitable for Internet of things–based collaborative fog computing systems

“…Assume there is a malicious adversary who has leaned the information of original fog node's private key. Given a fresh signature which has not been received by the verifying group, the adversary might try to distinguish the fog node's identity by checking whether equation (5) or equation (19) holds or not. However, in equation (5) or equation (19), there is a meta value N which could be rewritten as It should be noted that without knowing the random integer z chosen by the fog node, no one could derive the parameter N to perform equation (5) or equation (19) successfully.…”

“…Given a fresh signature which has not been received by the verifying group, the adversary might try to distinguish the fog node's identity by checking whether equation (5) or equation (19) holds or not. However, in equation (5) or equation (19), there is a meta value N which could be rewritten as It should be noted that without knowing the random integer z chosen by the fog node, no one could derive the parameter N to perform equation (5) or equation (19) successfully. In a more formal approach of proofs, we display that if there is an SSA-distinguisher D 1 against the proposed time-constrained SMDVS variant, we could construct a DDH-distinguisher D 2 to solve a random DDH instance of (P, aP, bP, C).…”

“…They also proved the basic security requirement of their scheme in the standard model. Up to present, various DVS variants 19–39 have been proposed. Still, none of existing DVS systems deals with the issue of lifetime of signing capability.…”

Time-constrained strong multi-designated verifier signature suitable for Internet of things–based collaborative fog computing systems