A minimal variation is proposed of a recently described secret-key certificate scheme that is derived from the Schnorr signature scheme.The issuing protocol of the variation is conjectured to be restrictive blind in parallel mode, motivated by a recent argument of Schoenmakers.The variation demonstrates that the double use of a generator is not problematic in any way, contrary to the belief expressed by Schoenmakers. A more profound argument for the conjectured security in parallel mode is provided, and similar variations are described for secret-key certificates based on Brickell-McCurley signatures. To create some order in the variety of restrictive blind certificate schemes that have been proposed to date, their specific merits and limitations are categorized and discussed.

Security and Protection (acm D.4.6)
Cryptography (msc 94A60)
Department of Computer Science [CS]

Brands, S.A. (1995). More on restrictive blind issuing of secret-key certificates in parallel mode. Department of Computer Science [CS]. CWI.