Attribute-based strong designated-verifier signature scheme

In a strong designated-verifier signature scheme, only the verifier who is designated by a signer can check the validity of a signature via her/his private keys, which process contrasts with the public verifiability of a typical signature scheme. In applications in multi-user communication environments, a user may want to sign a document such that only some specified parties can confirm the signature. To do so, the signer can generate many designated-verifier signatures on a document for various designated verifiers, or she/he signs the document, encrypts the signature, and then sends the encrypted messages to the specified parties. However, the signer has to generate multiple signatures, as determined by the numbers of the designated verifiers in the former method and the latter method, signs a document and then encrypts it, that could lose their designation (which phenomenon is called source hiding). To solve the above problems, this study proposes an attribute-based strong designated-verifier signature scheme with source hiding, such that a signer needs to generate only one signature for a group of designated verifiers with attributes at specified values. To the best of the authors' knowledge, no attribute-based strong designated-verifier signature scheme has been formally presented before.