Abstract: In a signature-masked authentication scheme, a user who has obtained a signature (certificate) from a CA and wants service from a service provider proves that he (or she) really owns the signature without transmitting it to the service provider directly, in order to prevent any adversary from intercepting the signature or colluding with the service provider to frame the user. Because previous schemes cannot prevent the CA from impersonating legitimate users, this paper introduces two different CAs and, under the assumption that these two CAs do not collude, gives three signature-masked authentication schemes which guarantee that no one, including a CA, can impersonate the legitimate user to get service from the provider. The first scheme is a simple unilateral authentication scheme. Under the assumption that the user has enough computation power, the last two schemes realize mutual authentication between the user and the provider. Furthermore, because the first two schemes are vulnerable to denial of service (DoS) attacks, a third scheme is proposed which, under the assumption that the CA is of certain reliability, can also partially resist DoS attacks.