Abstract
This paper provides either security proofs or attacks for a large number of identity-based identification and signature schemes defined either explicitly or implicitly in existing literature. Underlying these is a framework that on the one hand helps explain how these schemes are derived and on the other hand enables modular security analyses, thereby helping to understand, simplify, and unify previous work. We also analyze a generic folklore construction that in particular yields identity-based identification and signature schemes without random oracles.
Additional information
A preliminary version of this paper appears in Advances in Cryptology—EUROCRYPT 2004, volume 3027 of Lecture Notes in Computer Science, C. Cachin and J. Camenisch, eds., Springer-Verlag, 2004. This is the full version.
Mihir Bellare: Supported in part by NSF grants CCR-0098123, ANR-0129617, CCR-0208842, CNS-0524765, and a gift from Intel Corporation.
Chanathip Namprempre: Supported in part by the above-mentioned grants of first author and the Thailand Research Fund. Part of this work was done while the author was at University of California, San Diego.
Gregory Neven: Work done while at Katholieke Universiteit Leuven, Belgium, supported by a Research Assistantship and a Postdoctoral Fellowship from the Fund for Scientific Research—Flanders.
About this article
Cite this article
Bellare, M., Namprempre, C. & Neven, G. Security Proofs for Identity-Based Identification and Signature Schemes. J Cryptol 22, 1–61 (2009). https://doi.org/10.1007/s00145-008-9028-8