Designated verifier signature

A designated verifier signature is a signature scheme in which signatures can only be verified by a single, designated verifier, designated as part of the signature creation. Designated verifier signatures were first proposed in 1996 by Jakobsson Markus, Kazue Sako, and Russell Impagliazzo.^[1] Proposed as a way to combine authentication and off-the-record messages, designated verifier signatures allow authenticated, private conversations to take place.

Unlike in undeniable signature scheme the protocol of verifying is non-interactive; i.e., the signer chooses the designated verifier (or the set of designated verifiers) in advance and does not take part in the verification process.

See also

• Non-repudiation
• Undeniable signature

References

1. Jakobsson, Markus; Kazue Sako; Russell Impagliazzo (May 1996). "Designated Verifier Proofs and Their Applications" (PDF). In Ueli Maurer (ed.). Proceedings of Eurocrypt 1996. EUROCRYPT 1996. Vol. 1440. Saragossa, Spain: Springer-Verlag. pp. 199–205. doi:10.1007/3-540-49677-7_30. ISBN 978-3-540-65069-0.