Sciweavers

EUROCRYPT
2004
Springer

Concurrent Signatures

14 years 5 months ago
Concurrent Signatures
We introduce the concept of concurrent signatures. These allow two entities to produce two signatures in such a way that, from the point of view of any third party, both signatures are ambiguous with respect to the identity of the signing party until an extra piece of information (the keystone) is released by one of the parties. Upon release of the keystone, both signatures become binding to their true signers concurrently. Concurrent signatures fall just short of providing a full solution to the problem of fair exchange of signatures, but we discuss some applications in which concurrent signatures suffice. Concurrent signatures are highly efficient and require neither a trusted arbitrator nor a high degree of interaction between parties. We provide a model of security for concurrent signatures, and a concrete scheme which we prove secure in the random oracle model under the discrete logarithm assumption.
Liqun Chen, Caroline Kudla, Kenneth G. Paterson
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Where EUROCRYPT
Authors Liqun Chen, Caroline Kudla, Kenneth G. Paterson
Comments (0)