International Association
for Cryptologic Research

Concurrent signatures provide a way to exchange digital signature among parties in an efficient and fair manner. To the best of our knowledge, all the existing solutions are all proven secure in the random oracle model, which is only heuristic. How to build an efficient concurrent signature scheme in the standard model has been remaining an open problem since the introduction in EUROCRYPT 2004. In this paper we answer the problem affirmatively and propose a novel construction of concurrent signature, the security of which does not rely on the random oracle assumption. The ambiguity of our scheme is slightly different from the existing schemes, requiring that any one can produce indistinguishable ambiguous signatures using merely public information. Security of the new scheme is based on Computational Diffie-Hellman (CDH) assumption in the standard model, which is a rather standard and well-studied assumption in cryptography.