One-show blind signature systems
First Claim
1. In a public-key digital signature system, the improvement comprising the steps of:
- issuing digital signatures by an issuing party and the issuing party ensuring that with substantial probability each of the issued signatures contains identifying information;
showing at least one of said issued signatures to at least one checking party to allow the checking party to verify the digital signature property of the signatures shown while substantially concealing, from even cooperation of every checking party and said signature issuing party, the identifying information contained in signatures shown at most once; and
testing said shown signatures to yield with substantial probability said identifying information contained in signatures shown more than once.
19 Assignments
0 Petitions
Accused Products
Abstract
Numbers standing for cash money can be spent only one time each, otherwise the account from which they were withdrawn would be revealed. More generally, a technique for issuing and showing blind digital signatures ensures that if they are shown responsive to different challenges, then certain information their signer ensures they contain will be revealed and can be recovered efficiently. Some embodiments allow the signatures to be unconditionally untraceable if shown no more than once. Extensions allow values to be encoded in the signatures when they are shown, and for change on unshown value to be obtained in a form that is aggregated and untraceable.
-
Citations
13 Claims
-
1. In a public-key digital signature system, the improvement comprising the steps of:
-
issuing digital signatures by an issuing party and the issuing party ensuring that with substantial probability each of the issued signatures contains identifying information; showing at least one of said issued signatures to at least one checking party to allow the checking party to verify the digital signature property of the signatures shown while substantially concealing, from even cooperation of every checking party and said signature issuing party, the identifying information contained in signatures shown at most once; and testing said shown signatures to yield with substantial probability said identifying information contained in signatures shown more than once. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. In a public-key digital signature system, the improvement comprising:
-
a. digital signatures having identifying information; b. means for checking said signatures when shown and means for substantially concealing said identifying information in said signatures shown once; and c. signature testing means for yielding with substantial probability said identifying information in said signatures shown more than once. - View Dependent Claims (10, 11, 12, 13)
-
Specification