| 摘要 |
A digital authentication system that can be used in place of signature schemes is disclosed. Instead of allowing the provider of the message to become convinced upon receipt that an authenticator is valid (2.4), as with signature schemes, it is optimistically assumed that the authenticating party does not cheat. Parties may wait until periodic audit during which the validity of all authenticators asserted to be valid, at showing and even at issuing, can be established with high probability. Nevertheless conventional digital signature techniques can be used to sign the authenticators at issuing, at least in batches, to provide a kind of proof for use if an authenticating party does cheat. One example application is for electronic cash protocols, for which additional techniques are disclosed. Another example application is for untraceable credentials systems, and again further techniques are also disclosed in the context of such credential applications.
|
