Signatures with efficient protocols

From Wikipedia, the free encyclopedia

Signatures with efficient protocols are a form of digital signature invented by Jan Camenisch and Anna Lysyanskaya in 2001. In addition to being secure digital signatures, they need to allow for the efficient implementation of two protocols:

  1. A protocol for computing a digital signature in a secure two-party computation protocol.
  2. A protocol for proving knowledge of a digital signature in a zero-knowledge protocol.[1]

In applications, the first protocol allows a signer to possess the signing key to issue a signature to a user (the signature owner) without learning all the messages being signed or the complete signature.

The second protocol allows the signature owner to prove that he has a signature on many messages without revealing the signature and only a (possibly) empty subset of the messages.

The combination of these two protocols allows for the implementation of digital credential[2] and ecash protocols.[3]

See also[edit]


  1. ^ "Digital Signature". Retrieved 2021-05-04.
  2. ^ "Digital certificates and PKI". Retrieved 2021-05-04.
  3. ^ "Introducing the Signature Activation Protocol for Remote Server Signing". Retrieved 2021-05-04.

Further reading[edit]