A convertible limited (multi-) verifier signature (CL(M)VS) provides controlled verifiability and preserves the privacy of the signer. Furthermore, limited verifier(s) can designate the signature to a third party or convert it into a publicly verifiable signature upon necessity. In this proposal, we first present a generic construction of convertible limited verifier signature (CLVS) into which the existing secure CLVS schemes fit. Afterwards, we extend this generic construction to address the unsolved question of designing an efficient construction with more than two limited verifiers. To this effect, two generic CLMVS constructions are presented, which are proven to be efficient in that they generate a unique signature for more than two limited verifiers. Given the first generic construction, each limited verifier checks the validity of the signature solely, while in the second, cooperation of all limited verifiers is imperative. Thereupon, on the ground of our second generic construction, we present the first pairing-based CLMVS scheme secure in the standard model, which is of a strong confirmation property as well. Finally, we employ the proposed CLMVS scheme for one limited verifier (CLVS) so as to design a new electronic voting protocol.


[1] D. Chaum and H. V. Antwerpen, "Undeniable signatures", Advances in Cryptology-CRYPTO'89, LNCS 435, pp. 212-216, 1989.

[2] M. Jakobsson, K. Sako and R. Impagliazzo, "Designated verifier proofs and their applications", Advances in Cryptology-EUROCRYPT'96, LNCS 1070, pp. 143-154, 1996.

[3] S. Araki, S. Uehara and K. Imamura, "The limited verifier signature and its application", IEICE Trans. Fundamentals, vol.E82-A, no.1, pp. 63-68, 1999.

[4] F. Zhang and K. Kim, "A Universal forgery on Araki et al.'s convertible limited verifier signature scheme", IEICE Trans. Fundamentals, vol. E86-A, no. 2, pp. 515-516, 2003.

[5] X. Chen, F. Zhang and K. Kim, "Limited verifier signature from bilinear pairings", in Proc. ACNS'04, Berlin: Springer, LNCS 3089, pp. 135-148, 2004.

[6] J. Zhang, H. Li and J. Wang, "A Convertible limited verifier signature scheme", WAIM 2005, Berlin: Springer, LNCS 3739, pp. 638-644, 2005.

[7] Z.-H. Shao, "Comment on a convertible limited verifier signature scheme", Journal of Zhejiang University of Science and Technology, vol. 18, no. 4, pp. 262-267, 2006.

[8] C. Wu and Z. Huang, "Certificateless convertible limited verifier signature scheme", TECON'06, IEEE, Hong Kong, China, 2006, pp.1-4.

[9] X. Wang, L. Cao, S. Wang and Y. Zhang, "Id-based convertible limited (multi-) verifier signature scheme", ICCSSE'08, IEEE CS, Wuhan, Hubei, 2008, pp. 774-777.

[10] R. Tso, X. Yi, T. Okamoto and E. Okamoto,"Efficient convertible limited verifier signatures", ISIT'08, IEEE , Toronto, Canada, 2008, pp. 230-234.

[11] X.Q. Shen and Y. Ming, "Identity-based convertible limited verifier signature scheme in the standard model", Journal of Applied Mechanics and Materials, Trans. Tech. Publications, vols. 48-49, pp. 599-602, 2011.

[12] F. Hess. "Efficient identity based signature schemes based on pairings", SAC 2002, K. Nyberg and H. Heys Eds., Berlin: Springer, LNCS 2595, pp. 310-324, 2003.

[13] F. Laguillaumie and D. Vergnaud, "Designated verifier signatures: anonymity and efficient construction from any bilinear map", SCN'04, Berlin: Springer, LNCS 3352, pp. 105-119, 2004.

[14] C.Y. Ng, W. Susilo and Y. Mu, "Universal designated multi verifier signature schemes", in Proc. 11th Int. Conf. Parallel and Distributed Systems (ICPADS'05), 2005, vol. 2, pp. 305-309.

[15] Y. Ming, X.Q. Shen and Y.M. Wang, "Certificateless universal designated verifier signature schemes", Journal of China Universities of Posts and Telecommunications, vol. 14, no. 3, pp.85-90, 2007.

[16] S.-H. Seo, J.Y. Hwang. K.Y. Choi and D.H. Lee, "Identity-based universal designated multi-verifiers signature schemes", Journal of Computer Standards and Interfaces, Elsevier Inc., vol. 30, pp. 288-295, 2008.

[17] F. Cao and Z. Cao, "An identity based universal designated verifier signature scheme secure in the standard model", Journal of Systems and Software, Elsevier Inc., vol. 82, pp. 643-649, 2009.

[18] B. Waters, "Efficient identity-based encryption without random oracles", Advances in Cryptology-EUROCRYPT'05, Berlin: Springer, LNCS 3494, pp. 114-127, 2005.

[19] F. Laguillaumie, B. Libert and J.J. Quisquater, "Universal designated verifier signatures without random oracles or non-black box assumptions", in Proc. 5th Int. Conf. Security and Cryptography for Networks (SCN 2006), Berlin: Springer, LNCS 4116, pp. 63-77, 2006.

[20] Y. Ming and Y. Wang, "Universal designated multi verifier signature scheme without random oracles", Journal of Natural Sciences, Wuhan University, vol. 13, no. 6, pp. 685-491, 2008.

[21] K. Sampigethaya and R. Poovendran, "A framework and taxonomy for comparison of electronic voting schemes", Computers and Security, vol. 25, no. 2, pp. 137-153, 2006.

[22] C.T. Li, M.S. Hwang and C.Y. Liu, "An electronic voting protocol with deniable authentication for mobile ad hoc networks", Journal of Computer Communications, Elsevier Inc., vol. 31, pp. 2534-2540, 2008.

[23] S. Avizheh, M. Rajabzadeh Asaar and M. Salmasizadeh, "A new internet voting protocol with voter's protection based on deniable authentication", in Proc. 9th Int. ISC Conf. Information Security and Cryptology, Tabriz, Iran, 2012.

[24] C. Dwork, M. Naor and A. Sahai, "Concurrent zero-knowledge", in Proc. 30th Annu. ACM Symp. Theory of Computing, Dallas TX, USA, 1998, pp. 409-418.

[25] Y.F. Chung and Z.Y. Wu, "Approach to designing bribery-free and coercion-free electronic voting scheme", Journal of Systems and Software, Elsevier Inc., vol. 82, pp. 2081-2090, 2009.

[26] K.G. Paterson and J.C.N. Schuldt, "Efficient identity-based signature secure in the standard model", In: Batten, L.M., Safavi-Naini, R. (Eds.), ACISP 2006, Berlin: Springer, LNCS 4058, pp. 207-222, 2006.