Perfect Concurrent Signature Schemes

  • Willy Susilo
  • Yi Mu
  • Fangguo Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3269)


The notion of concurrent signatures was recently introduced by Chen, Kudla and Paterson in their seminal paper in [5]. In concurrent signature schemes, two entities can produce two signatures that are not binding, until an extra piece of information (namely the keystone) is released by one of the parties. Upon release of the keystone, both signatures become binding to their true signers concurrently. In this paper, we extend this notion by introducing a new and stronger notion called perfect concurrent signatures. We require that although both signers are known to be trustworthy, the two signatures are still ambiguous to any third party (c.f. [5]). We provide two secure schemes to realize the new notion based on Schnorr’s signature schemes and bilinear pairing. These two constructions are essentially the same. However, as we shall show in this paper, the scheme based on bilinear pairing is more efficient than the one that is based on Schnorr’s signature scheme.


Signature Scheme Initial Signer Trusted Third Party Discrete Logarithm Problem Bilinear Pairing 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of-n Signatures from a Variety of Keys. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415–432. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. 2.
    Asokan, N., Schunter, M., Waidner, M.: Optimistic protocols for fair exchange. In: Proc. 4th ACM Conf. on Comp. and Comm. Security, pp. 8–17 (1997)Google Scholar
  3. 3.
    Camenisch, J.: Efficient and Generalized Group Signatures. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 465–479. Springer, Heidelberg (1997)Google Scholar
  4. 4.
    Camenisch, J.: Group Signature Schemes and Payment Systems based on the Discrete Logarithm Problem. PhD Thesis, ETH Zürich (1998)Google Scholar
  5. 5.
    Chen, L., Kudla, C., Paterson, K.G.: Concurrent signatures. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 287–305. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Pointcheval, D., Stern, J.: Security Proofs for Signature Schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)Google Scholar
  7. 7.
    Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. Journal of Cryptology 13(3), 361–396 (2000)zbMATHCrossRefGoogle Scholar
  8. 8.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to Leak a Secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Willy Susilo
    • 1
  • Yi Mu
    • 1
  • Fangguo Zhang
    • 2
  1. 1.School of Information Technology and Computer ScienceUniversity of WollongongWollongongAustralia
  2. 2.Department of Electronics and Communication EngineeringSun Yat-Sen UniversityGuangzhouP.R. China

Personalised recommendations