Universal designated verifier signature was first introduced by Steinfeld, Bull, Wang and Pieprzyk in Asia-crypt 2003. In the universal designated verifier signature scheme, any holder of a signature can designate the signature to any desired designated verifier, such that only the designated verifier will believe that the signature holder holds a valid signature. In SecUbiq'05 [Zhang Fangguo, Susilo Willy, Mu Yi, Chen Xiaofeng, 2005. Identity-based universal designated verifier signatures. In: The First International Work-shop on Security in Ubiquitous Computing Systems, Nagasaki, Japan, LNCS 3823. Springer-Verlag, Berlin, pp, 825-834] first extended this notion to the identity based setting and proposed two identity based universal designated verifier signature schemes. However, the security of their scheme is based on the random oracle model. Up to now, there is no provably secure identity based universal designated verifier signature scheme in the standard model. In this paper, we propose the first identity based universal designated verifier signature scheme whose security can be proven in the standard model based on the hardness of the computational Diffie-Hellman (CDH) problem.

• 出版日期2009-4
• 单位上海交通大学