A Hash-Based Quantum-Resistant Chameleon Signature Scheme

As a standard digital signature may be verified by anybody, it is unsuitable for personal or economically sensitive applications. The chameleon signature system was presented by Krawczyk and Rabin as a solution to this problem. It is based on a hash then sign model. The chameleon hash function enables the trapdoor information holder to compute a message digest collision. The holder of a chameleon signature is the recipient of a chameleon signature. He could compute collision on the hash value using the trapdoor information. This keeps the recipient from disclosing his conviction to a third party and ensures the privacy of the signature. The majority of the extant chameleon signature methods are built on the computationally infeasible number theory problems, like integer factorization and discrete log. Unfortunately, the construction of quantum computers would be rendered insecure to those schemes. This creates a solid requirement for construct chameleon signatures for the quantum world. Hence, this paper proposes a novel quantum secure chameleon signature scheme based on hash functions. As a hash-based cryptosystem is an essential candidate of a post-quantum cryptosystem, the proposed hash-based chameleon signature scheme would be a promising alternative to the number of theoretic-based methods. Furthermore, the proposed method is key exposure-free and satisfies the security requirements such as semantic security, non-transferability, and unforgeability.

Automated summary

The chameleon signature system, based on a hash then sign model, addresses the inadequacy of standard digital signatures for personal or economically sensitive applications. The system allows the holder of a chameleon signature to compute a message digest collision through a chameleon hash function and trapdoor information, ensuring privacy and non-disclosure to third parties. Additionally, the proposed quantum secure chameleon signature scheme based on hash functions provides a promising alternative to number theoretic-based methods, satisfying security requirements such as semantic security, non-transferability, and unforgeability without exposing keys.