13-08-2014, 10:31 AM
THRESHOLD PROXY RE-SIGNATURE
THRESHOLD.pdf (Size: 180.55 KB / Downloads: 14)
Abstract
The focus of this paper is to design an efficient and secure solution addressing the semi
trusted issue in proxy re-signature schemes, i.e., the proxy knows the re-signature key from user A to
user B, so he is able to translate any signatures made by user A to user B, which damages the essential
requirement (“non-repudiation” property) of proxy re-signature schemes. In this paper, the authors
first define the security model for threshold proxy re-signature scheme, and then propose two threshold
proxy re-signature schemes based on Ateniese-Hohenberger’s and Shao-Cao-Wang-Liang’s approach.
Introduction
Proxy re-signature scheme, introduced by Blaze, Bleumer, and Strauss[1] at Eurocrypt’98,
enables a semi-trusted proxy given some information to transform Alice’s signature on a message
m into Bob’s signature on m, but the proxy cannot, on its own, generate signatures for either
Alice or Bob. Although Blaze, Bleumer, and Strauss proposed the idea of a proxy re-signature
scheme in 1998, no construction that was both efficient and secure was found until recently,
when the work of Ateniese, Hohenberger[2] was published in 2005.
And recently, Shao, et al.[3] have proposed a bidirectional proxy re-signature scheme without
random oracle. Libert, et al.[4] have proposed a multi-use unidirectional proxy re-signature
scheme. Besides proxy re-signature scheme, a renewed interest of research community in proxy
re-encryption[5−7] has been seen in recent years.
Due to the transformation function, proxy re-signature schemes are very useful and can be
applied in many applications, including simplifying key management[1], providing a proof for
a path that has been taken, managing group signatures, simplifying certificate management[2],
constructing a digital rights management (DRM) interoperable system[8].
However, there are some drawbacks in these schemes. The most criticism against these
schemes, called semi trusted issue, is that the proxy knows the re-signature key from user A to
user B, so he is able to translate any signatures made by user A to user B.
To address the semi trusted issue, we use secret sharing, which is firstly introduced by
Shamir[9]. Using this technique, signatures can be translated by a group of proxies rather than
Performance Analysis
In this section, in terms of computational complexity, we show that even though we address
the key escrow problem of the proxy re-signature scheme, the cost is still affordable compared
with the original proxy re-signature scheme. Note that in order to resign a signature, the
threshold proxy re-signature scheme needs to perform ShareResign and Combine.
6 Conclusion
In this paper, we define the security model for threshold proxy re-signature scheme and
proposed two threshold proxy re-signature schemes based on Ateniese-Hohenberger’s[2] In this paper, we define the security model for threshold