278
A Secure and Efficient Certificateless Signature Scheme in the
Standard Model
Hong-zhen DU
School of mathematics and Information Science, Baoji University of Arts and Sciences,
Baoji, China
E-mail: hongzhendu@163.com
Certificateless public key cryptography is an attractive paradigm which combines
advantages of both traditional public key cryptography and identity-based cryptography
because it avoids using certificates and does not suffer from key escrow. In this paper, the
author proposed a certificateless signature (CLS) scheme built upon bilinear pairings and
proved its security in the standard model. The scheme turns out to be more efficient than
other proposed CLS schemes in the standard model, and the signing algorithm needs no
pairing operation while the reverse operation requires only three pairing computations.
Keywords: Certificateless public key cryptography; Certificateless signature; Standard
model; Unforgeability.
1. Introduction
Identity-based public key cryptography (ID-PKC) was introduced by Shamir [1]
in 1984. It avoids the certificate management problem in traditional PKC.
However, there exists a drawback called private key escrow in an ID-PKC since
it involves a Private Key Generator (PKG) who knows a user’s private key. In
2003, Riyami and Paterson [2] introduced the notion of certificateless public key
cryptography (CL-PKC), which is an intermediate between traditional PKC and
ID-PKC. It can eliminate the certificate management problem in a traditional PKC
and the private key escrow in ID-PKC.
There are a lot of fruits about CL-PKC, to name some [3-12]. Certificateless
signature (CLS) is one of the most important security primitives in CL-PKC.
Many CLS schemes [5-8] have been constucted and these schemes are provably
secure in the random oracle model. However, it has been shown that when random
oracles are instantiated with concrete hash functions, the resulting scheme may