As information technology advances, paper documents are
rapidly being replaced by digital data in every domain of
our society. Digital data stand in sharp
contrast to paper documents in that the former can be
altered (or, even worse, forged) indefinitely without detection.
Hence a means is needed, namely a digital signature, to ensure
the identity of the signer of a document or its integrity.
When a user wants to generate the digital signature of a document,
she signs the document with her own private key. Once the
signature is created, anyone can verify it with the corresponding
public key of the signer.
Digital signatures and their applications have been studied
extensively because of their importance and significance in the
information society.
In this paper we focus on identity-based cryptosystems.
Conventional digital signatures require binding the identity of a user to
the corresponding public key in a trusted and secure manner, which is
traditionally realized by public key infrastructures (PKI) and the
certificates they issue.
On the other hand, an Identity-Based Signature (IBS) provides a public
key cryptosystem where arbitrary strings, in particular users' identities
such as e-mail addresses, can be used as public keys.
So we do not need any certification for public keys.
In 1984, Shamir proposed identity-based encryption and signature primitive
schemes for the first time. In 2001, Boneh and
Franklin proposed an identity-based encryption scheme based on bilinear
maps. This is the first practical ID-based encryption. Since then
several identity-based encryption and signature schemes have been
proposed.
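
As an added illustration (not code from this paper), the example below implements the RSA-based identity-based signature commonly attributed to Shamir's 1984 proposal, so that the verifier needs only the system parameters and the signer's identity string. The toy modulus, the use of SHA-256 to hash the identity and the message, and all function names are assumptions made for this example.

```python
import hashlib
import secrets

# Toy PKG parameters (constructed for this example, NOT secure): two Mersenne primes.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                      # public system parameters
D = pow(E, -1, (P - 1) * (Q - 1))        # PKG master secret, never leaves the PKG


def h_id(identity: str) -> int:
    """Map an identity string to an element mod N; this value acts as the public key.
    Hashing with SHA-256 is an assumption of this example."""
    return int.from_bytes(hashlib.sha256(identity.encode()).digest(), "big") % N


def f(t: int, msg: bytes) -> int:
    """One-way function binding the commitment t to the message (assumed: SHA-256)."""
    data = t.to_bytes((N.bit_length() + 7) // 8, "big") + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def extract(identity: str) -> int:
    """PKG only: derive the user's secret key g such that g^E = H(ID) mod N."""
    return pow(h_id(identity), D, N)


def sign(g: int, msg: bytes) -> tuple[int, int]:
    """User: sign msg with secret key g; returns the signature (s, t)."""
    r = secrets.randbelow(N - 2) + 2     # fresh randomness for every signature
    t = pow(r, E, N)
    s = (g * pow(r, f(t, msg), N)) % N
    return s, t


def verify(identity: str, msg: bytes, sig: tuple[int, int]) -> bool:
    """Anyone: check s^E == H(ID) * t^f(t, msg) mod N; no certificate is consulted."""
    s, t = sig
    return pow(s, E, N) == (h_id(identity) * pow(t, f(t, msg), N)) % N
```

Because every secret key is derived from D, the PKG can sign for any identity; this is the trust assumption placed on the PKG in identity-based schemes.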
In IBS schemes, one trusted third party called the Private Key Generator
(PKG for short)
is in charge of system setup and key generation for all users.
So the cost of key generation grows in proportion to the number of
users. In 2002, Gentry and Silverberg proposed the Hierarchical
Identity-based Signature (HIBS), which arranges PKGs as a tree.
In a HIBS scheme, the root PKG need only generate the secret keys of
its children by using the PKG's master secret. The children in turn
generate the private keys of their own children, and so on,
until this operation reaches the leaf children.
GS-HIBS has parameters such as system public parameters,
IDs, the secret key corresponding to each ID, and also other public
parameters to generate secret keys.
GS-HIBS is not considered a perfect identity-based signature scheme
because it needs more public parameters.
In 2004, S. M. Chow, Hui, Yiu and K. P. Chow proposed a HIBS
scheme (CHYK-HIBS)
which is provably secure in the standard security model. This scheme is the
most efficient HIBS scheme among
recent approaches.
In this paper, we propose a constant-size hierarchical
identity-based signature scheme whose security is ensured
by the l-DHI* problem under the random oracle and selective-identity models.