Multi-Certification Signatures and Their Applications to Public Key Infrastructure

As the application of digital signature is progressed in real life, the situation of using digital signatures tends to become more complex. Depending on applications a user may need to generate multiple signatures for the same message with his multiple signing keys. But the general approach of generating multiple independent signatures is not efficient. To solve this problem, we propose multi-key signature scheme in which a signer generates a single signature for a message using his multiple signing keys all together. Traditionally a signature provides the authenticity of a message (linked to a key pair) and a certificate provides the authenticity of the key pair (linked to a signer, certified by a certification authority), and they are generated and verified independently. We propose a new digital signature scheme called multicertification signature in which a signer generates a signature on a message using his signing key and related certification information together, and then a verifier can verify not only the signer’s signature on the message, but also related certification information, in a highly combined manner. Finally, we apply the proposed multi-certification signature scheme to public key infrastructure (PKI) and privilege management infrastructure (PMI), and show that signing and verification operations can be executed in very efficient manner.