A Schnorr-Like Lightweight Identity-Based Signature Scheme
نویسندگان
چکیده
The use of concatenated Schnorr signatures [Sch91] for the hierarchical delegation of public keys is a well-known technique. In this paper we carry out a thorough analysis of the identity-based signature scheme that this technique yields. The resulting scheme is of interest since it is intuitive, simple and does not require pairings. We prove that the scheme is secure against existential forgery on adaptive chosen message and adaptive identity attacks using a variant of the Forking Lemma [PS00]. The security is proven in the Random Oracle Model under the discrete logarithm assumption. Next, we provide an estimation of its performance, including a comparison with the state of the art on identity-based signatures. We draw the conclusion that the Schnorrlike identity-based signature scheme is arguably the most efficient such scheme known to date.
منابع مشابه
Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes
This paper presents a three-move interactive identification scheme and proves it to be as secure as t h e discrete logarithm problem. This provably secure scheme is almost as efficient as t,he Schnorr identification scheme, while the Schnorr scheme is not provably secure. This paper also presents another practical identification scheme which is proven to be as secure as the factoring problem ar...
متن کاملIdentity-Based Deterministic Signature Scheme without Forking-Lemma
Since the discovery of identity based cryptography, a number of identity based signature schemes were reported in the literature. Although, a lot of identity based signature schemes were proposed, the only identity based deterministic signature scheme was given by Javier Herranz. This signature scheme uses Schnorr signature scheme for generating the private key of the users and uses BLS short s...
متن کاملE cient and Provably Secure Identity Based Aggregate Signature Schemes With Partial and Full Aggregation
An identity based signature allows users to sign their documents using their private keys and the signature can be verified by any user by using the identity of the signer and public parameters of the system. This allows secure communication between the users without any exchange of certificates. An aggregate signature scheme is a digital signature scheme which allows aggregation of di erent si...
متن کاملTwin-Schnorr: A Security Upgrade for the Schnorr Identity-Based Identification Scheme
Most identity-based identification (IBI) schemes proposed in recent literature are built using pairing operations. This decreases efficiency due to the high operation costs of pairings. Furthermore, most of these IBI schemes are proven to be secure against impersonation under active and concurrent attacks using interactive assumptions such as the one-more RSA inversion assumption or the one-mor...
متن کاملAccountable-Subgroup Multisignatures
Formal models and security proofs are especially important for multisignatures: in contrast to threshold signatures, no precise definitions were ever provided for such schemes, and some proposals were subsequently broken. In this paper, we formalize and implement a variant of multi-signature schemes, Accountable-Subgroup Multisignatures (ASM). In essence, ASM schemes enable any subgroup, S, of ...
متن کامل