Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12] [ 13] [ 14] [ 15] [ 16] [ 17] [ 18] [ 19] [ 20] [ 21] [ 22] [ 23] [ 24] [ 25]

@

Journal of Information Science and Engineering, Vol. 26 No. 6, pp. 2093-2106 (November 2010)

Practical Certificateless Aggregate Signatures from Bilinear Maps*

ZHENG GONG1, YU LONG2, XUAN HONG2 AND KEFEI CHEN2,3
1Distributed and Embedded Security Group
Faculty of Electrical Engineering, Mathematics and Computer Science
University of Twente
Enschede, 7500, the Netherlands
2Department of Computer Science and Engineering
Shanghai Jiaotong University
Shanghai, 200240 P.R. China
3National Laboratory of Modern Communications
Chengdu, 610041 P.R. China

Aggregate signature is a digital signature with a striking property that anyone can aggregate n individual signatures on n different messages which are signed by n distinct signers, into a single compact signature to reduce computational and storage costs. In this work, two practical certificateless aggregate signature schemes are proposed from bilinear maps. The first scheme CAS-1 reduces the costs of communication and signer-side computation but trades off the storage, while CAS-2 minimizes the storage but sacrifices the communication costs. One can choose either of the schemes by consideration of the application requirement. Compare with ID-based schemes, our schemes do not entail public key certificates as well and achieve the trust Level 3, which imply the frauds of the authority are detectable. Both of the schemes are proven secure in the random oracle model by assuming the intractability of the computational Diffie-Hellman problem over the groups with bilinear maps, where the forking lemma technique is avoided.

Keywords: authentication, aggregate signature, certificateless, digital signature, bilinear maps

Full Text () Retrieve PDF document (201011_10.pdf)

Received December 23, 2008; revised March 25, 2009; accepted April 9, 2009.
Communicated by Tzong-Chen Wu.
* A preliminary version of this paper appears in SNPD 2007, IEEE Computer Society Proceedings. This is the full version. The first author acknowledges the financial support of SenterNovem for the ALwEN project, grant PNE07007. The authors are partially supported by NSFC (No.60803146), National 863 Projects of China (No.2007AA01Z456), National Basic Research Program (973) of China (No.2007CB311201) and the Foundation of NLMC (No. 9140C1103020803).