WEAKNESSES OF UNDENIABLE SIGNATURE SCHEMES.
LECT NOTES COMPUT SC
205 - 220.
The nice concept of undeniable signatures was presented by Chaum and van Antwerpen . In  Chaum mentioned that ''with undeniable signatures only paying customers are able to verify the signature.'' Using methods based on ''divertible zero-knowledge proofs'' and ''distributed secure mental games played among cooperating users'', we show that in certain contexts non-paying verifiers can check the signature as well, thus demonstrating that the applicability of undeniable signatures is somewhat restricted and must rely on the physical (or other) isolation of the verifying customer. In addition, we show that the first undeniable signature schemes suffer from certain security problems due to their multiplicative nature (similar to problems the RSA signature scheme has).
|Title:||WEAKNESSES OF UNDENIABLE SIGNATURE SCHEMES|
|Keywords:||RSA SIGNATURES, SECURITY|
|UCL classification:||UCL > School of BEAMS
UCL > School of BEAMS > Faculty of Engineering Science
Archive Staff Only