Efficient Identity-Based Signatures Secure in the Standard Model

  • Kenneth G. Paterson
  • Jacob C. N. Schuldt
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4058)


The only known construction of identity-based signatures that can be proven secure in the standard model is based on the approach of attaching certificates to non-identity-based signatures. This folklore construction method leads to schemes that are somewhat inefficient and leaves open the problem of finding more efficient direct constructions. We present the first such construction. Our scheme is obtained from a modification of Waters’ recently proposed identity-based encryption scheme. It is computationally efficient and the signatures are short. The scheme’s security is proven in the standard model and rests on the hardness of the computational Diffie-Hellman problem in groups equipped with a pairing.


Signature Scheme Random Oracle Discrete Logarithm Problem Random Oracle Model Public Parameter 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [ADR02]
    An, J.H., Dodis, Y., Rabin, T.: On the security of joint signature and encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 83–107. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. [Bar]
    Barreto, P.S.L.M.: The pairing-based crypto lounge, http://paginas.terra.com.br/informatica/paulobarreto/pblounge.html
  3. [BB04a]
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, Camenisch (ECCOA) pp. 223–238Google Scholar
  4. [BB04b]
    Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 443–459. Springer, Heidelberg (2004)Google Scholar
  5. [BB04c]
    Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, Camenisch (eds.) [CC04], pp. 56–73Google Scholar
  6. [BBP04]
    Bellare, M., Boldyreva, A., Palacio, A.: An uninstantiable random-oracle-model scheme for a hybrid-encryption problem. In: Cachin, Camenisch (eds.) (CCO4) pp. 171–188Google Scholar
  7. [BF01]
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. [BLMQ05]
    Barreto, P.S.L.M., Libert, B., McCullagh, N., Quisquater, J.-J.: Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 515–532. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. [BLS04]
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptology 17(4), 297–319 (2004)MATHCrossRefMathSciNetGoogle Scholar
  10. [BNN04]
    Bellare, M., Namprempre, C., Neven, G.: Security proofs for identity-based identification and signature schemes. In: Cachin, Camenisch (eds.) (CCo4) pp. 268–286Google Scholar
  11. [BR93]
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proc. of CCS 1993, pp. 62–73. ACM Press, New York (1993)CrossRefGoogle Scholar
  12. [CC03]
    Cha, J.C., Cheon, J.H.: An identity-based signature from gap Diffie-Hellman groups. In: Desmedt (CCo4) pp. 18–30Google Scholar
  13. [CC04]
    Cachin, C., Camenisch, J. (eds.): EUROCRYPT 2004. LNCS, vol. 3027. Springer, Heidelberg (2004)MATHGoogle Scholar
  14. [CGH98]
    Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited (preliminary version). In: STOC, pp. 209–218 (1998)Google Scholar
  15. [Coc01]
    Cocks, C.: An identity based encryption scheme based on quadratic residues. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 360–363. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. [Des02]
    Desmedt, Y.G. (ed.): PKC 2003. LNCS, vol. 2567. Springer, Heidelberg (2002)MATHGoogle Scholar
  17. [DKXY03]
    Dodis, Y., Katz, J., Xu, S., Yung, M.: Strong key-insulated signature schemes. In: Desmedt (Des02) pp. 130–144Google Scholar
  18. [Gal05]
    Galbraith, S.D.: Pairings. In: Seroussi, G., Blake, I.F., Smart, N.P. (eds.) Advances in Elliptic Curve Cryptography, pp. 183–212. Cambridge University Press, Cambridge (2005)CrossRefGoogle Scholar
  19. [GMR88]
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17(2), 281–308 (1988)MATHCrossRefMathSciNetGoogle Scholar
  20. [GS02]
    Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  21. [Hes02]
    Hess, F.: Efficient identity based signature schemes based on pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. [KMPR05]
    Kiltz, E., Mityagin, A., Panjwani, S., Raghavan, B.: Append-only signatures. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 434–445. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  23. [Nac05]
    Naccache, D.: Secure and practical identity-based encryption. Cryptology ePrint Archive, Report 2005/369 (2005) http://eprint.iacr.org/
  24. [Pat02]
    Paterson, K.G.: ID-based signatures from pairings on elliptic curves. IEE Electronics Letters 38(18), 1025–1026 (2002)CrossRefGoogle Scholar
  25. [PS02]
    Paterson, K.G., Schuldt, J.C.N.: Efficient identity-based signatures secure in the standard model. Cryptology ePrint Archive, Report 2006/080 (2006), http://eprint.iacr.org/
  26. [SC05]
    Chatterjee, S., Sarkar, P.: Trading time for space: Towards an efficient IBE scheme with short(er) public parameters in the standard model. In: Proceedings of ICISC (to appear, 2005)Google Scholar
  27. [Sha84]
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  28. [Wat05]
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  29. [Yi03]
    Yi, X.: An identity-based signature scheme from the Weil pairing. IEEE Communications Letters 7(2) (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Kenneth G. Paterson
    • 1
  • Jacob C. N. Schuldt
    • 1
  1. 1.Information Security Group, Royal HollowayUniversity of LondonEghamUK

Personalised recommendations