Galindo-Garcia Identity-Based Signature, Improved

In Africacrypt 2009, Galindo and Garcia proposed a lightweight identity-based signature (IBS) scheme based on the Schnorr signature. The construction is simple and claimed to be the most efficient IBS till date. The security is argued, primarily, by using the MultipleForking (MF) Algorithm which is used to launch nested replay attack on the adversary and, consequently, contradict the discrete-log assumption. However, this security argument was shown to be flawed, and subsequently fixed, by Chatterjee et al.. The resulting security, though, is still quite loose with a tightness gap of O ( q ) (where q denotes the bound on the number of queries to the random oracle). The loss of tightness is, in fact, inherited from the MF Algorithm. In this paper, we contemplate a better security bound for GalindoGarcia IBS (GG-IBS). To this end, we introduce two notions pertaining to the simulation of random oracles: “dependency” and “independency”. The notion of independency follows naturally for GG-IBS; dependency, on the other hand, has to be induced by modifying the construction of the protocol in a clever manner. It turns out that the two notions can be applied in conjunction, and this leads to the nested replay attack being launched far more effectively than using the MF Algorithm. As a result, the effective degradation is reduced to O ( q ) . The non-trivial aspect is to leverage these two notions in the security argument.