Cryptology ePrint Archive: Report 2017/313

A Generic Approach to Identity-based Sequential Aggregate Signatures: New constructions from 2-level HIBE Schemes

Yanqing Yao, Hua Guo, Zhoujun Li

Abstract: Identity-based sequential aggregate signature (IBSAS) schemes are usually applied to secure network routing and sensor networks, since they allow multiple signers to sequentially produce a short signature on different messages, reducing bandwidth overhead and storage space for signatures, and allow signers to attest to these messages as well as the order in which they signed using their identities. In CCS'07, Boldyreva et al. introduced this concept and constructed the first IBSAS scheme in the random oracle model. After that, a couple of IBSAS schemes were proposed and proved. Unfortunately, none of them is constructed based on a standard computational problem and secure in the standard model (i.e., without random oracles). How to construct this kind of scheme is still an open problem. In this paper, we propose a generic construction of IBSAS schemes by employing 2-level Hierarchical Identity-based Encryption schemes, and then prove its security in the security model proposed by Boldyreva et al. in CCS'07. Afterwards, we instantiate the generic construction to obtain a concrete IBSAS scheme secure under the Computational Diffie-Hellman (CDH) assumption in the standard model, thus solving the above open problem. An additional benefit of our generic construction is that it can be used to construct the first lattice-based IBSAS scheme, which is secure in the random oracle model. Finally, we show the performance comparisons between our schemes and previous ones.

Category / Keywords: public-key cryptography / Identity-based Signatures; Sequential Aggregate Signatures; the CDH Assumption; the Learning with Errors Problem; Network Security; Sensor Networks

Date: received 9 Apr 2017, withdrawn 23 Apr 2017

Contact author: yaoyanqing1984 at buaa edu cn, lizj@buaa edu cn

Available format(s): (-- withdrawn --)

Version: 20170423:143153

Short URL: ia.cr/2017/313
