Strong designated verifier signature can provide an efficient way to protect the identity privacy of the signer and the integrity of the data transmitted over the public channel. These characteristics make it very useful in outsourcing computing, electronic voting, electronic bidding, electronic auction and other fields. However, most strong designated verifier signature schemes are unable to identify the real signature generator when the signer and the designated verifier dispute a signature. In addition, the existing strong designated verifier signature schemes in the standard model rarely satisfy strong unforgeability, and thus cannot prevent the attacker from forging a valid signature on any previously signed message. Therefore, designing a strong designated verifier signature scheme without random oracles that satisfies strong unforgeability and undeniability is very attractive in both practice and theory. Motivated by these concerns, we design the first undeniable strong designated verifier signature scheme without random oracles, in which the arbiter can independently perform the judgment procedure to prove whether a controversial signature is generated by the signer or the designated verifier. Under standard assumptions, the scheme is proved to be strongly unforgeable in standard model. Furthermore, it not only achieves non-transferability and privacy of the signer’s identity but also satisfies the undeniable property of traditional digital signature schemes. Performance analysis results show that the length of the signer’s private key, the designated verifier’s private key and signature length are 40 bits, 40 bits and 384 bits, respectively. Compared with he related schemes, the proposed scheme has higher performance in signature length, private key size and computational overhead. Finally, we show how to apply it to implement outsourcing computation in cloud computing.
Strong Designated Verifier Signature Scheme with Undeniability and Strong Unforgeability in the Standard Model