Research And Design On Provably Secure Partially Blind Signature Without Trusted PKG

In traditional CA-based Cryptosystems, the binding between public key and identity of the signer is obtained via a digital certificate. To simplify the certificate management process, an ID-based Cryptosystem (IBC) based on integer factorization problem was proposed by Shamir, which allows a user to use his identity as the public key. But there are some drawbacks in ID-based systems. The most criticism against ID-based systems is that PKG knows the private key of all users, so it is able to impersonate any user to sign a document or decrypt an encrypted message. It implies that the PKG must be trusted unconditionally otherwise the systems will soon be collapsed. However, it would be difficult to assume the existence of a trusted party in an ad hoc network, where the communication parties are changing frequently.A blind signature scheme is a protocol for obtaining a digital signature from a signer, but the signer can neither learn the messages he/she sign nor the signatures the recipients obtain afterwards. A partially blind signature allows a signer to explicitly embed a pre-agreed common information into a blind signature without the loss of blindness property.The main work in this paper is to research on the ID-based signature scheme above mentioned. The main results are as follows:1. we construct an efficient ID-based signature scheme without trusted PKG, which security relies on the hardness of the CDHP. In this scheme, PKG is prevented from forging a legal user's signature because it only generates the partially private key. The scheme is proved to be secure against existential forgery on adaptively chosen message and ID attack, assuming CDHP is intractable.2. An efficient ID-based partially blind signature scheme without trusted PKG was proposed. In this scheme, PKG was prevented from forging a legal user's signature because it only generated partial private key. The proposed scheme was proved to be secure against existential forgery on adaptively chosen message and ID attack. The security of scheme relied on the hardness of the CDHP.