The notion of identity-based signature scheme (IBS) has been proven useful in some scenarios where relying on the validity of the certificates is impractical. Nevertheless, one remaining inherent problem that hinders the adoption of this cryptographic primitive in practice is due to the key escrow problem, where the private key generator (PKG) can always impersonate the user in the system. In 2010, Yuen et al. proposed the notion of IBS that does not suffer from the key escrow problem. Nevertheless, their approach relies on the judge who will later blame the malicious PKG when such a dispute occurs, assuming that the PKG is willing to collaborate. Although the approach is attractive, but unfortunately it is impractical since the malicious PKG may just refuse to collaborate when such an incident happens. In this paper, we propose a new escrow-free IBS, which enjoys three main advantages, namely key escrow free, practical and very efficient. We present a generic intuition as well as an efficient instantiation. In our approach, there is no judge involvement required, as the public can determine the malicious behaviour of PKG when such an incident happens. Further, the signature size of our instantiation is only two group elements, which outperforms the existing constructions in the literature.
|Name||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Conference||6th International Conference on Provable Security, ProvSec 2012|
|Period||26/09/12 → 28/09/12|
- identity-based signature
- key escrow
- Theoretical Computer Science
- Computer Science(all)