In the world of digital information, digitized documents’authentication, integrity and non-repudiation have become a basic requirement of the information security and are promoting the research on informatization theory and practice. Digital signature is one of the main means to meet the above requirements and one of the main content of modern cryptography.Proxy re-signature is a special type of digital signatures. Proxy re-signature is generally used for the delegation of signing rights of a user (delegator) to a semi-trusted proxy and a delegatee. The proxy can convert the signature of one user on a message into the signature of another user on the same message by using the re-signing key. But the proxy cannot generate arbitrary signatures for either the delegatee or the delegator. Due to the special transformation function, proxy re-signature is very useful and can be applied in many applications, such as cloud storage, cross-domain identity authentication, simplifying certificate management, managing group signatures, providing a proof for a path that has been taken, constructing a checking system and a digital rights management interoperable system.We firstly make a comprehensive study of proxy re-signature theories and technologies, discuss the proxy re-signature’s general model and security definitions, then review several existing classic proxy re-signature schemes, and list examples for their application circumstances.Cryptosystems previously proved secure in the random oracle model are actually provably insecure when the random oracle is instantiated by any real-world hashing function. Therefore, provably secure proxy re-signature scheme in the standard model is more attractive. However, most proxy re-signature schemes in the standard model are existentially unforgeable, which cannot prevent adversaries from forging valid signatures on messages that have previously been signed/re-signed. In order to overcome the shortcomings of the existing proxy re-signature schemes such as strong hardness assumption, long re-signatures length and high computation cost, a multi-use bidirectional proxy re-signature scheme is proposed by using target collision-resistant hash function. Under the computational Diffie-Hellman assumption, the proposed proxy re-signature scheme is proven to be strongly unforgeable under adaptive chosen message attacks. Compared with existing proxy re-signature schemes with strong unforgeability, the proposed scheme has short system parameters, short re-signature, low re-signing computation cost and more security properties.Finally, to make proxy re-signatures have more applications and faster development, we point out some key issues to be resolved in the future study of proxy re-signatures. |