Proxy Re-signatures in the Standard Model
This paper studies proxy re-signature schemes. We first classify the expected security notions for proxy re-signature schemes with different properties. We then show how to attack on a recently proposed bidirectional scheme that is purported to be secure without random oracles, and discuss the flaw in their proof. Next, we show how to design a generic unidirectional proxy re-signature scheme using a new primitive called homomorphic compartment signature as the building block. We give a concrete instantiation which yields the first known unidirectional proxy re-signature scheme which is proven secure under standard assumption in the standard model. We also discuss how to incorporate the concept of forward-security into the proxy re-signature paradigm, such that the signing and the transformation are both time-limited.
KeywordsProxy re-signature compartment signature standard model
Unable to display preview. Download preview PDF.
- 1.Ateniese, G., Hohenberger, S.: Proxy Re-signatures: New Definitions, Algorithms, and Applications. In: ACM Conference on Computer and Communications Security, pp. 310–319 (2005)Google Scholar
- 3.Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical Identity Based Encryption with Constant Size Ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005)Google Scholar
- 4.Boyen, X., Shacham, H., Shen, E., Waters, B.: Forward-Secure Signatures with Untrusted Update. In: ACM Conference on Computer and Communications Security, pp. 191–200. ACM, New York (2006)Google Scholar
- 6.Canetti, R., Halevi, S., Katz, J.: A Forward-Secure Public-Key Encryption Scheme. Journal of Cryptology 20(3) (2007)Google Scholar