Claimable Multi-designated Verifier Signature
摘要
Multi-designated verifier signatures (MDVS) are a signer privacy-preserving signature scheme where non-designated parties cannot tell the difference between signatures produced by the true signer and the designated verifiers. However, such privacy-preservation does not allow even the signer to disclose that her signature has been actually created by herself. Thus, it is worth giving to a signer of MDVS claimability, the ability to later make a claim that convinces anyone including non-designated third parties that a signature has been created by the actual signer. In this paper, we propose such a scheme, claimable multi-designated verifier signatures (CMDVS). We define a syntax and security requirements for CMDVS and propose the generic constructions of two types of CMDVS. The first one consists of standard signatures, ring signatures, commitment schemes, and pseudorandom functions (PRF). The second one is the transformation from the first one, using one-time signatures, public key encryption schemes, PRF and non-interactive zero-knowledge proofs.