
Pairing-Free ID-Based Signatures as Secure as Discrete Logarithm in AGM

  • Conference paper
Information Security and Privacy (ACISP 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14895))


Abstract

Identity-based signatures (IBS) allow the signer’s identity information to be used as the public key for signature verification, eliminating the need for managing certificates to establish ownership of the corresponding public key. The Schnorr-like IBS due to Galindo and Garcia is known as the most efficient IBS based on the discrete logarithm (DL) problem, without the need for computationally expensive pairing operations. This makes it a lightweight and efficient solution for signature generation and verification. Unfortunately, the security reduction of the Schnorr-like IBS is not tight under the standard EUF-CMA in the ID-based setting. Recently, by using the algebraic group model (AGM), where adversary computation is algebraic, ordinary Schnorr signatures have been proven tightly EUF-CMA secure under the DL assumption with random oracles. However, one cannot trivially apply the reduction for Schnorr signatures in the AGM to achieve tight security for the Schnorr-like IBS scheme, because that reduction cannot capture chosen identity-and-message attacks. In this work, we show that, with the adoption of the AGM, it is feasible to tighten the EUF-CMA security for IBS without pairing under the DL assumption with random oracles. We resolve the chosen identity-and-message attacks by adopting the OR-proof technique to generate the user’s private key containing the DL of either one of the two random group elements, leading to a new pairing-free IBS scheme. We provide a concrete security analysis for the scheme in the AGM showing that, by embedding the DL problem instance into one of the random values, the algebraic adversary can only return a non-reducible forgery and representations with half of the success probability.
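For orientation, the following added example (not code from the paper or its authors) sketches the baseline Galindo-Garcia Schnorr-like IBS that the abstract refers to, not the new OR-proof scheme, whose details this page does not give. The group parameters are constructed toy values far too small for real use, and the hash encoding and function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Schnorr group (constructed, insecure size): p = 2q + 1 is a safe prime
# and GEN = 4 generates the subgroup of prime order q.
P, Q, GEN = 2039, 1019, 4

def _hash(tag, *parts):
    """Random-oracle stand-in: SHA-256 over length-prefixed parts, mod q."""
    h = hashlib.sha256(tag)
    for part in parts:
        data = str(part).encode()
        h.update(len(data).to_bytes(4, "big") + data)
    return int.from_bytes(h.digest(), "big") % Q

def setup():
    """Key generation centre: master secret z, master public key g^z."""
    z = secrets.randbelow(Q - 1) + 1
    return z, pow(GEN, z, P)

def extract(msk, identity):
    """User key = Schnorr signature on the identity: y = r + z*H(R, id)."""
    r = secrets.randbelow(Q - 1) + 1
    R = pow(GEN, r, P)
    y = (r + msk * _hash(b"H", R, identity)) % Q
    return y, R

def sign(user_key, identity, message):
    """Schnorr signature under y; R is shipped inside the signature."""
    y, R = user_key
    a = secrets.randbelow(Q - 1) + 1
    A = pow(GEN, a, P)
    b = (a + y * _hash(b"G", identity, A, message)) % Q
    return A, b, R

def verify(mpk, identity, message, sig):
    """Accept iff g^b == A * (R * mpk^c)^d, c = H(R, id), d = G(id, A, m)."""
    A, b, R = sig
    # Reject values outside the order-q subgroup before any arithmetic.
    in_group = all(0 < x < P and pow(x, Q, P) == 1 for x in (A, R))
    if not in_group or not 0 <= b < Q:
        return False
    c = _hash(b"H", R, identity)
    d = _hash(b"G", identity, A, message)
    rhs = A * pow(R * pow(mpk, c, P) % P, d, P) % P
    return pow(GEN, b, P) == rhs
```

The verifier needs only the master public key and the identity string, with no per-user certificate; no pairing is computed, only modular exponentiations.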

W. Susilo—Supported by the ARC Australian Laureate Fellowship FL230100033.

F. Guo—Supported by the ARC Future Fellowship FT220100046.



Acknowledgement

We extend our gratitude to the anonymous reviewers for their valuable feedback.


Correspondence to Jia-Chng Loh.


Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

Loh, JC., Guo, F., Susilo, W. (2024). Pairing-Free ID-Based Signatures as Secure as Discrete Logarithm in AGM. In: Zhu, T., Li, Y. (eds) Information Security and Privacy. ACISP 2024. Lecture Notes in Computer Science, vol 14895. Springer, Singapore. https://doi.org/10.1007/978-981-97-5025-2_18


  • DOI: https://doi.org/10.1007/978-981-97-5025-2_18


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-5024-5

  • Online ISBN: 978-981-97-5025-2

  • eBook Packages: Computer Science (R0)
