# Information Security and Cryptography Research Group

## Designated Confirmer Signatures Revisited

### Douglas Wikström

Theory of Cryptography Conference — TCC 2007, Lecture Notes in Computer Science, Springer-Verlag, vol. 4392, pp. 342–361, 2007.

Previous definitions of designated confirmer signatures in the literature are incomplete, and the proposed security definitions fail to capture key security properties, such as unforgeability against malicious confirmers and non-transferability. We propose new definitions.

Previous schemes rely on the random oracle model or set-up assumptions, or are secure with respect to relaxed security definitions. We construct a practical scheme that is provably secure with respect to our security definition under the strong RSA-assumption, the decision composite residuosity assumption, and the decision Diffie-Hellman assumption.

To achieve our results we introduce several new relaxations of standard notions. We expect these techniques to be useful in the construction and analysis of other efficient cryptographic schemes.

## BibTeX Citation

@inproceedings{Wik07,
author       = {Douglas Wikström},
title        = {Designated Confirmer Signatures Revisited},
booktitle    = {Theory of Cryptography Conference --- TCC 2007},
pages        = 342--361,
series       = {Lecture Notes in Computer Science},
volume       = 4392,
year         = 2007,
publisher    = {Springer-Verlag},
}