Informatica

Since threshold proxy signature has been proposed, all threshold proxy signature schemes are based on the discrete logarithm problems in the modular multiplicative group which has an element g with a large prime order. Nowadays this kind of threshold proxy signature schemes become more and more complex and time-consuming for security and specific requirement. In this paper, we propose a (bilinear) pairing-based threshold proxy signature scheme with known signers, analyze its security and check the following properties the proposed scheme has: non-repudiation, unforgeability, identifiability, distinguishability, verifiability, prevention of misuse of proxy signing right, etc. Moreover, we point out that the proposed scheme is of great efficiency by comparing it with Sun’s and Hsu et al.’s scheme.

Multisignature scheme allows a group of signers to generate a compact signature on a common document that certifies they endorsed the message. However, the existing state of the art multisignatures often suffers from the following problems: impractical key setup assumptions, loose security reductions and inefficient signature verification. In this paper, we propose a non-interactive multisignature scheme with tight security reduction in the random oracle model. Our proposed multisignatures address the above three problems by achieving: provable security in the plain public key model; tight security reduction under the standard Computational Diffie–Hellman (CDH) assumption and 𝒪(1) computational time for signature verification through pre-computation. Hence, our non-interactive multisignatures are of great use in routing authentication of networks.

We propose a distributed key generation protocol for pairing-based cryptosystems which is adaptively secure in the erasure-free and secure channel model, and at the same time completely avoids the use of interactive zero-knowledge proofs. Utilizing it as the threshold key generation protocol, we present a secure (t,n) threshold signature scheme based on the Waters' signature scheme. We prove that our scheme is unforgeable and robust against any adaptive adversary who can choose players for corruption at any time during the run of the protocols and make adaptive chosen-message attacks. And the security proof of ours is in the standard model (without random oracles). In addition our scheme achieves optimal resilience, that is, the adversary can corrupt any t<n/2 players.