
For FullText PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.

Tighter Reductions for Deterministic IdentityBased Signatures
Naoto YANAI Toru FUJIWARA
Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Vol.E101A
No.1
pp.6476 Publication Date: 2018/01/01
Online ISSN: 17451337
DOI: 10.1587/transfun.E101.A.64
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security) Category: Keyword: identitybased signatures, deterministic identitybased signatures, provable security, CDH problem, random oracle model, tight reduction,
Full Text: PDF(874KB) >>Buy this Article
Summary:
Deterministic IDbased signatures are digital signatures where secret keys are probabilistically generated by a key generation center while the signatures are generated deterministically. Although the deterministic IDbased signatures are useful for both systematic and cryptographic applications, to the best of our knowledge, there is no scheme with a tight reduction proof. Loosely speaking, since the security is downgraded through dependence on the number of queries by an adversary, a tighter reduction for the security of a scheme is desirable, and this reduction must be as close to the difficulty of its underlying hard problem as possible. In this work, we discuss mathematical features for a tight reduction of deterministic IDbased signatures, and show that the scheme by Selvi et al. (IWSEC 2011) is tightly secure by our new proof framework under a selective security model where a target identity is designated in advance. Our proof technique is versatile, and hence a reduction cost becomes tighter than the original proof even under an adaptive security model. We furthermore improve the scheme by Herranz (The Comp. Jour., 2006) to prove tight security in the same manner as described above. We furthermore construct an aggregate signature scheme with partial aggregation, which is a key application of deterministic IDbased signatures, from the improved scheme.

