Designated Verifier Signatures

Dr Michael Scott

Digital signatures, cryptographich signing and designated verifier signatures

Here, Dr Michael Scott considers digital signatures and the verification they provide in today’s digital world. (4 Minute Read)

Digital signature is an attempt to provide a digital analogue of the human signature. Before getting into that, let’s look again at the human signature, and what it provides.

The hand-written human signature provides irrevocable authentication of a document. You sign something, you are committed to it, and you can’t deny it later.

How good is it at that job? Surprisingly good. Sometimes we assume that old methods are very unsophisticated and easily improved upon by modern technology. Not necessarily so. For example our old pencil-and-paper method of voting in elections has proven to be much safer than any proposed technological solution.

The human signature is in fact a kind of biometric, as it is associated with our unique physiology. It’s not easy to forge some-one else’s signature, our hands just don’t work like that. And success in forgery depends on who we are trying to fool. However hand-writing experts exist who can testify before a court whether or not a signature is genuine. And (and this is the important bit), courts will accept such evidence.

To verify a human signature it must be compared against an existing template, whose provenance cannot be questioned. Clearly I cannot verify John Doe’s signature, unless I have a proven example to compare it against. Only those familiar with or provided with the template, can verify a signature.

There was another pre-technology method of document authentication, the seal. This was typically an ornate object with a unique elaborate carving on its base. The document would be folded, hot red wax poured on the join, and stamped with the seal (as commonly seen on the Game of Thrones). But the seal does not have any biometric properties – it was mere possession of the unique seal that allowed some important personage to apply his signature to documents.

Which brings us to the modern age. The classic digital signature is more like a seal, as it is our possession of a unique secret key that allows us to make such signatures. Which as any school child would figure out instantly reveals a weakness. I can revoke my signature by simply claiming “I lost it – someone else must have found it and use it to make my signature”. However until digital technology is embedded into our bodies, this is a weakness that it seems we will just have to live with.

There are however advantages. Anyone can verify my digital signature without access to a template. All they need is my public key, which they can obtain from a freely available digital certificate. We will call this the “universal verification” property.

And a signature can be mathematically proven to be genuine – no so-called “hand-writing experts” needed. This is a much surer, simpler and cheaper way to resolve disputes.

Digital signatures are now considered acceptable in the modern courtroom. When we do on-line banking, or file tax returns, it is common to be asked to digitally sign important transactions.

But wait a minute. Just how important is it for us that digital signatures can be verified by any Tom, Dick or Harry? In the case of a Bank, surely it makes sense that signature verification can only be carried out by the Bank. It’s nobody else’s business (except in the case of a dispute when an external judge must be called in). So maybe this universal verification capability is a “feature” that we could dispense with if that bought us other advantages. After all the human signature does not support universal verification, and that’s what we are trying to replace.

Which brings us to the MIRACL Designated Verifier Signature. Now the verifier is issued with a single secret which allows them (and only them) to verify all of their client’s signatures. And what do we get in return for ditching universal verification? We get true multi-factor time-stamped signatures. Client signing secrets are typically divided into a simple 4-digit PIN number and a Token, and both must be provided to form a signature. This greatly mitigates the “I lost my secret” excuse, as claiming to have lost both your Token and your PIN sounds pretty unlikely, and will not impress that judge. The date that the signature was applied can also be mathematically tied into the signature, as can any biometric of your choice. All of this in a software-only solution. No expensive hardware required.

That’s a big improvement over the current state-of-the-art, and surely the future of digital signature. Read the full white paper here – 190819 MIRACL - Designated Verifier Signatures by Dr Michael Scott.pdf”


Dr Michael Scott is Chief Crypto Officer at MIRACL – www.miracl.com, one of the pioneers of Pairing-based Cryptography and the “S” in the widely used BLS and KSS families of elliptic curves. Following a distinguished career of almost 30 years at Dublin City University and an active consultant to both public and private sector, his unmatched depth in knowledge is drawn not only from his academic expertise - he’s published over 100 highly cited papers – but his genuine love of cryptography and the science behind this.

To find out more about MIRACL solutions visit www.miracl.com