[Resource Topic] 2004/038: Chameleon Hashing without Key Exposure

Welcome to the resource topic for 2004/038

Chameleon Hashing without Key Exposure

Authors: Xiaofeng Chen, Fangguo Zhang, Kwangjo Kim


Chameleon signatures are based on well established hash-and-sign
paradigm, where a \emph{chameleon hash function} is used to
compute the cryptographic message digest. Chameleon signatures
simultaneously provide the properties of non-repudiation and
non-transferability for the signed message, i.e., the designated
recipient is capable of verifying the validity of the signature,
but cannot disclose the contents of the signed information to
convince any third party without the signer’s consent.

One disadvantage of the initial chameleon signature scheme is that
signature forgery results in the signer recovering the recipient’s
trapdoor information, i.e., private key. Therefore, the signer
can use this information to deny \emph{other} signatures given to
the recipient. This creates a strong disincentive for the
recipient to forge signatures, partially undermining the concept
of non-transferability. In this paper, we firstly propose a
chameleon hashing scheme in the gap Diffie-Hellman group to solve
the problem of key exposure. We can prove that the recipient’s
trapdoor information will never be compromised under the
assumption of Computation Diffie-Hellman Problem (CDHP) is
intractable. Moreover, we use the proposed chameleon hashing
scheme to design a chameleon signature scheme.

ePrint: https://eprint.iacr.org/2004/038

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .