A randomized RSA-based partially blind signature scheme for electronic cash

Blind signature schemes can yield a signature and message pair whose information does not leak to the signer. However, when blind signatures are used to design e-cash schemes, there are two problems. One is the unlimited growth of the bank's database which keeps all spent e-cashes for preventing double spending. Another problem is that the signer must assure himself that the message contains accurate information such as the face value of the e-cash without seeing it. Partially blind signatures can cope with these problems. In partially blind signatures, the signer can explicitly include some agreed common information such as the expiration date and the face value in the blind signature. Randomized signature schemes can withstand one-more-forgery under the chosen plaintext attack. Based on RSA cryptosystem Fan-Chen-Yeh proposed a randomized blind signature scheme and Chien-Jan-Tseng also proposed a randomized partially blind signature scheme. But, the attacker can remove the randomizing factor from the messages to be signed in these two schemes. The attacker can also change the common information of Chien-Jan-Tseng's partially blind signature. In this paper, we propose a secure randomized RSA-based partially blind signature scheme, and show that the proposed scheme satisfies the blindness and unforgeability properties. We also analyse the computation cost of the proposed scheme.