Practical Secret Signature Scheme with No Randomness Saving

Secret signatures, proposed by Lee \textit{et al.} \cite{LCYY07,LLK09}, provide signature privacy and public provability at the same time. Using these schemes a signer can send his signature secretly to a designated receiver such that only the designated receiver can verify the signature. Moreover, if any argument occurs between them, the validity of the secret signature can be proven publicly either by the signer or the receiver. But in these schemes one of the drawback is that the signer has to keep the random number used in the signing algorithm for later use, i.e., to provide public provability. This is very impractical in the real world, since random numbers used in many cryptographic algorithms are generally used only once and they have to be removed safely for security reason. In this paper we amend Lee \textit{et al.}'s secret signature scheme such that random number is replaced by a pseudo random number that can be computed only by the signer as a function of signer's private key and timestamp. With this change signer can compute the pseudo random number at any later time that he doesn't need to save it anymore, and it can be computed only by the signer. With this change we think that secret signature scheme becomes more practical and can be used as an important cryptographic primitive to achieve signature privacy in the real world.