Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Identity-Based and Self-Certified Key-Exchange Protocols
ACISP '97 Proceedings of the Second Australasian Conference on Information Security and Privacy
Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Algorithms
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Assumptions Related to Discrete Logarithms: Why Subtleties Make a Real Difference
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A note on Girault's self-certified model
Information Processing Letters
Short Signatures from the Weil Pairing
Journal of Cryptology
Self-certified signature scheme from pairings
Journal of Systems and Software
Security proofs for signature schemes
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Efficient blind and partially blind signatures without random oracles
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Hi-index | 0.00 |
Self-certified signature scheme is a better choice than that in traditional public key system, since it omits key escrow problem of ID-based crypto-system and avoids complex certificate management of traditional PKI. In the work, we first formalized the security models of self-certified signature by classifying its adversary types. Then based on Okamoto's signature idea, we proposed a concrete instance. And we also show that the proposed scheme is provably secure in the random oracle models and the security of the scheme is closely related to a extended security assumption: q ***SDH+CDH assumption which is provided by us. Finally, by comparing the proposed scheme with Shao's scheme, we show that the proposed scheme is very efficient in terms of computational costs of generation and verification of a signature. No pairing operator is required to sign a message in our scheme.