CryptoDB
Key-Exposure Free Chameleon Hashing and Signatures Based on Discrete Logarithm Systems
Authors: | |
---|---|
Download: | |
Abstract: | Chameleon signatures are based on well established hash-and-sign paradigm, where a \emph{chameleon hash function} is used to compute the cryptographic message digest. Chameleon signatures simultaneously provide the properties of non-repudiation and non-transferability for the signed message. However, the initial constructions of chameleon signatures suffer from the problem of key exposure: the signature forgery results in the signer recovering the recipient's trapdoor information, $i.e.,$ the private key. This creates a strong disincentive for the recipient to forge signatures, partially undermining the concept of non-transferability. Recently, some specific constructions of key-exposure free chameleon hashing are presented, based on RSA or pairings, using the idea of ``Customized Identities". In this paper, we propose the first key-exposure free chameleon hash scheme based on discrete logarithm systems, without using the gap Diffile-Hellman groups. Moreover, one distinguished advantage of the resulting chameleon signature scheme is that the property of ``message hiding" or ``message recovery" can be achieved freely by the signer. Another main contribution in this paper is that we propose the first identity-based chameleon hash scheme without key exposure, which gives a positive answer for the open problem introduced by Ateniese and de Mederious in 2004. |
BibTeX
@misc{eprint-2009-18270, title={Key-Exposure Free Chameleon Hashing and Signatures Based on Discrete Logarithm Systems}, booktitle={IACR Eprint archive}, keywords={public-key cryptography / Chameleon hashing, Gap Diffie-Hellman group, Key exposure}, url={http://eprint.iacr.org/2009/035}, note={ isschxf@mail.sysu.edu.cn 14260 received 16 Jan 2009}, author={Xiaofeng Chen and Fangguo Zhang and Haibo Tian and Baodian Wei and Kwangjo Kim}, year=2009 }