
In this section, we compare our certificateless short signature scheme with other existing CLS schemes and the BLS short signature scheme [9] in terms of communication cost and of computation cost in signature signing and verification, respectively.

Efficient and Short Certificateless Signature 75

In the comparison, operations such as $\hat{e}(g, g)$, $\hat{e}(PK_1, Q_{ID}) = \hat{e}(PK_2, g)$ or $\hat{e}(H_0(ID), P_{pub})$ are pre-computable or only need to be computed once. Therefore, these computations are neglected in the comparison. In Table 1, certificateless signature schemes are marked with "CLS". Other schemes are marked with "No". We denote by $\hat{e}$ a computation of the pairing, $E_{G_1}$ an exponentiation in $G_1$, and $E_{G_2}$ an exponentiation in $G_2$. Usually, pairing operations cost much more than other computations. One $\hat{e}$ operation is about 10 times more expensive than one $E_{(\cdot)}$ operation.

We can see in Table 1 that our scheme is as efficient as the BLS short signature [9], but our scheme is certificateless whereas the BLS scheme is not. This means there is no need to verify a certificate in our scheme, while with the BLS scheme a verifier needs to verify the certificate in order to confirm the correctness of the public key, as in the conventional Public Key Infrastructure (PKI), which is generally considered to be costly to use and manage. From this point of view, our scheme is superior to the BLS short signature scheme.

Among all certificateless signature schemes, Huang et al.'s first scheme in [15] is the only signature scheme providing a short signature length (about 160 bits) like ours. However, our scheme is more efficient than their scheme in the verification phase. To the best of our knowledge, our scheme is the most efficient CLS scheme in terms of both communication and computation costs.

6 Conclusion

In this paper, we proposed a certificateless signature scheme which is as efficient as the BLS short signature. We also defined a new hard problem, the "modified k-CAA problem", based on the k-CAA problem. The security of the proposed scheme is proved in the random oracle model under the hardness of the k-CAA problem and the modified k-CAA problem.

References

1. Au, M.H., Chen, J., Liu, J.K., Mu, Y., Wong, D.S., Yang, G.: Malicious KGC attacks in certificateless cryptography. In: Proceedings of ASIACCS 2007, pp. 302–311 (2007)

2. Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)

3. Barr, K., Asanovic, K.: Energy aware lossless data compression. In: Proceedings of the ACM Conference on Mobile Systems, Applications, and Services (MobiSys) (2003)

4. Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithm for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–369. Springer, Heidelberg (2002)

5. Barreto, P.S.L.M., Lynn, B., Scott, M.: On the selection of pairing-friendly groups. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 17–25. Springer, Heidelberg (2004)

76 R. Tso, X. Yi, and X. Huang

6. Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: Proceedings of the 13th ACM Conference on Computer and Communication Security, pp. 390–398 (2006)

7. Bellare, M., Palacio, A.: The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 273–289. Springer, Heidelberg (2004)

8. Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)

9. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–533. Springer, Heidelberg (2001)

10. Choi, K.Y., Park, J.H., Hwang, J.Y., Lee, D.H.: Efficient certificateless signature schemes. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 443–458. Springer, Heidelberg (2007)

11. Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)

12. Gorantla, M.C., Saxena, A.: An efficient certificateless signature scheme. In: Hao, Y., Liu, J., Wang, Y.-P., Cheung, Y.-m., Yin, H., Jiao, L., Ma, J., Jiao, Y.-C. (eds.) CIS 2005. LNCS, vol. 3802(II), pp. 110–116. Springer, Heidelberg (2005)

13. Hada, S., Tanaka, T.: On the existence of 3-round zero-knowledge protocols. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 408–423. Springer, Heidelberg (1998)

14. Hu, B.C., Wong, D.S., Zhang, Z., Deng, X.: Certificateless signature: a new security model and an improved generic construction. Designs, Codes and Cryptography 42(2), 109–126 (2007)

15. Huang, X., Mu, Y., Susilo, W., Wong, D.S., Wu, W.: Certificateless signature revisited. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 308–322. Springer, Heidelberg (2007)

16. Huang, X., Susilo, W., Mu, Y., Zhang, F.: On the security of certificateless signature schemes from Asiacrypt 2003. In: Desmedt, Y.G., Wang, H., Mu, Y., Li, Y. (eds.) CANS 2005. LNCS, vol. 3810, pp. 13–25. Springer, Heidelberg (2005)

17. Liu, J.K., Au, M.H., Susilo, W.: Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model. In: Proceedings of ASIACCS 2007, pp. 273–283 (2007)

18. Mitsunari, S., Sakai, R., Kasahara, M.: A new traitor tracing. Journal of IEICE Trans. Fundamentals E85-A(2), 481–484 (2002)

19. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)

20. Tô, V., Safavi-Naini, R., Zhang, F.: New traitor tracing schemes using bilinear map. In: Proceedings of 2003 DRM Workshop, pp. 67–76 (2003)

21. Yap, W.L., Heng, S.H., Goi, B.M.: An efficient certificateless signature. In: Zhou, X., Sokolsky, O., Yan, L., Jung, E.-S., Shao, Z., Mu, Y., Lee, D.C., Kim, D.Y., Jeong, Y.-S., Xu, C.-Z. (eds.) EUC Workshops 2006. LNCS, vol. 4097, pp. 322–331. Springer, Heidelberg (2006)

22. Yap, W.L., Chow, S.S.M., Heng, S.H., Goi, B.M.: Security Mediated Certificateless Signatures. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 459–477. Springer, Heidelberg (2007)


23. Yum, D.H., Lee, P.J.: Generic construction of certificateless signature. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 200–211. Springer, Heidelberg (2004)

24. Zhang, F., Safavi-Naini, R., Susilo, W.: An efficient signature scheme from bilinear pairings and its applications. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 277–290. Springer, Heidelberg (2004)

25. Zhang, Z., Wong, D.S., Xu, J., Feng, D.: Certificateless public-key signature: security model and efficient construction. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 293–308. Springer, Heidelberg (2006)

Appendix
