Public keys for e-coins: partially solved problem using signature with rerandomizable keys

We give an example of an existing cryptographic mechanism that can be considered as a partial solution to the problem “Public keys for e-coins” proposed at the International Olympiad in Cryptography NSUCRYPTO'2022. This mechanism is used with the class of signatures with rerandomizable keys and provides one of the two security properties required by the authors of the problem. The results of this paper contain a systematic description of security models that can be used to analyze signature with rerandomizable keys, which is of independent interest.