Identity-based Threshold Signature from the Bilinear Pairings

In this paper, we formalize the concept of identity-based threshold signature and give the first provably secure scheme based on the bilinear pairings. An important feature of our scheme is that a private associated with an identity rather than a master key of the Public Key Generator is shared among signature generation servers, which, we claim, is more important in practice. From a theoretical point of view, an interesting aspect of our results is that the security of one of the verifiable secret sharing schemes used to construct the identity-based threshold signature scheme is relative to the modified Generalized Bilinear Inversion (mGBI) problem, which is a slight modification of the Generalized Tate Inversion (GTI) problem that Joux recently proposed and called for applying it to cryptographic protocols. Hence, our result gives a partial solution to Joux’s question.

[1]  Hugo Krawczyk,et al.  Secure Distributed Key Generation for Discrete-Log Based Cryptosystems , 1999, Journal of Cryptology.

[2]  D. Boneh,et al.  Short Signatures from the Weil Pairing , 2001, Journal of Cryptology.

[3]  Joonsang Baek,et al.  Identity-Based Threshold Decryption , 2004, Public Key Cryptography.

[4]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[5]  Florian Hess,et al.  Efficient Identity Based Signature Schemes Based on Pairings , 2002, Selected Areas in Cryptography.

[6]  Antoine Joux,et al.  The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems , 2002, ANTS.

[7]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[8]  Douglas R. Stinson,et al.  Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates , 2001, ACISP.

[9]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[10]  Ran Canetti,et al.  An Efficient Threshold Public Key Cryptosystem Secure Against Adaptive Chosen Ciphertext Attack , 1999, EUROCRYPT.

[11]  Hugo Krawczyk,et al.  Robust Threshold DSS Signatures , 1996, Inf. Comput..

[12]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[13]  H. Imai,et al.  Efficient and secure multiparty generation of digital signatures based on discrete logarithms , 1993 .

[14]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[15]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[16]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[17]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[18]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[19]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[20]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.