Designated verifier signature

From Wikipedia, the free encyclopedia

A designated verifier signature is a signature scheme in which signatures can only be verified by a single, designated verifier, designated as part of the signature creation. Designated verifier signatures were first proposed in 1996 by Jakobsson Markus, Kazue Sako, and Russell Impagliazzo.[1] Proposed as a way to combine authentication and off-the-record messages, designated verifier signatures allow authenticated, private conversations to take place.

Unlike in undeniable signature scheme the protocol of verifying is non-interactive; i.e., the signer chooses the designated verifier (or the set of designated verifiers) in advance and does not take part in the verification process.