Cryptology ePrint Archive: Report 2008/447

Divisible On-line/Off-line Signatures

Chong-zhi Gao and Baodian Wei and Dongqing Xie and Chunming Tang

Abstract: On-line/Off-line signatures are used in a particular scenario where the signer must respond quickly once the message to be signed is presented. The idea is to split the signing procedure into two phases: the off-line and on-line phases. The signer can do some pre-computations in off-line phase before he sees the message to be signed.

In most of these schemes, when signing a message $m$, a partial signature of $m$ is computed in the off-line phase. We call this part of signature the off-line signature token of message $m$. In some special applications, the off-line signature tokens might be exposed in the off-line phase. For example, some signers might want to transmit off-line signature tokens in the off-line phase in order to save the on-line transmission bandwidth. Another example is in the case of on-line/off-line threshold signature schemes, where off-line signature tokens are unavoidably exposed to all the players in the off-line phase.

This paper discusses this exposure problem and introduces a new notion: divisible on-line/off-line signatures, in which exposure of off-line signature tokens in off-line phase is allowed. An efficient construction of this type of signatures is also proposed. Furthermore, we show an important application of divisible on-line/off-line signatures in the area of on-line/off-line threshold signatures.

Category / Keywords: Signature Schemes, Divisible On-line/Off-line Signatures, On-line/Off-line Threshold Signatures.

Publication Info: An extended abstract of this paper appears in CT-RSA 2009, LNCS 5473, Springer-Verlag, 2009.

Date: received 22 Oct 2008, last revised 19 Apr 2009

Contact author: czgao at gzhu edu cn

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: A small revision in the statement of Theorem 1.

Version: 20090420:031937 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]