Efficient Identity-based Signatures Secure in the Standard Model

Authors

Kenneth G. Paterson and Jacob C. N. Schuldt

Abstract

The only known construction of identity-based signatures that can be proven secure in the standard model is based on the approach of attaching certificates to non-identity-based signatures. This folklore construction method leads to schemes that are somewhat inefficient and leaves open the problem of finding more efficient direct constructions. We present the first such construction. Our scheme is obtained from a modification of Waters’ recently proposed identity-based encryption scheme. It is computationally efficient and the signatures are short. The scheme’s security is proven in the standard model and rests on the hardness of the computational Diffie-Hellman problem in groups equipped with a pairing.

URL

http://eprint.iacr.org/2009/380.pdf

Usage


1    package it.unisa.dia.gas.crypto.arcanum.signature.ps06;
2    
3    import it.unisa.dia.gas.crypto.arcanum.signature.ps06.engines.PS06Signer;
4    import it.unisa.dia.gas.crypto.arcanum.signature.ps06.generators.PS06ParametersGenerator;
5    import it.unisa.dia.gas.crypto.arcanum.signature.ps06.generators.PS06SecretKeyGenerator;
6    import it.unisa.dia.gas.crypto.arcanum.signature.ps06.generators.PS06SetupGenerator;
7    import it.unisa.dia.gas.crypto.arcanum.signature.ps06.params.*;
8    import PairingFactory;
9    import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
10   import org.bouncycastle.crypto.CipherParameters;
11   import org.bouncycastle.crypto.CryptoException;
12   import org.bouncycastle.crypto.digests.SHA256Digest;
13   
14   import static org.junit.Assert.*;
15   
16   /**
17    * @author Angelo De Caro (arcanumlib@gmail.com)
18    */
19   public class PS06 {
20   
21       public PS06() {
22       }
23   
24   
25       public PS06Parameters createParameters(int nU, int nM) {
26           // Generate Public PairingParameters
27           return new PS06ParametersGenerator().init(
28                   PairingFactory.getPairingParameters("params/curves/a.properties"),
29                   nU, nM).generateParameters();
30       }
31   
32       public AsymmetricCipherKeyPair setup(PS06Parameters parameters) {
33           PS06SetupGenerator setup = new PS06SetupGenerator();
34           setup.init(new PS06SetupGenerationParameters(null, parameters));
35   
36           return setup.generateKeyPair();
37       }
38   
39   
40       public CipherParameters extract(AsymmetricCipherKeyPair keyPair, String identity) {
41           PS06SecretKeyGenerator extract = new PS06SecretKeyGenerator();
42           extract.init(new PS06SecretKeyGenerationParameters(keyPair, identity));
43   
44           return extract.generateKey();
45       }
46   
47       public byte[] sign(String message, CipherParameters secretKey) {
48           byte[] bytes = message.getBytes();
49   
50           PS06Signer signer = new PS06Signer(new SHA256Digest());
51           signer.init(true, new PS06SignParameters((PS06SecretKeyParameters) secretKey));
52           signer.update(bytes, 0, bytes.length);
53   
54           byte[] signature = null;
55           try {
56               signature = signer.generateSignature();
57           } catch (CryptoException e) {
58               fail(e.getMessage());
59           }
60   
61           return signature;
62       }
63   
64       public boolean verify(CipherParameters publicKey, String message, String identity, byte[] signature) {
65           byte[] bytes = message.getBytes();
66   
67           PS06Signer signer = new PS06Signer(new SHA256Digest());
68           signer.init(false, new PS06VerifyParameters((PS06PublicKeyParameters) publicKey, identity));
69           signer.update(bytes, 0, bytes.length);
70   
71           return signer.verifySignature(signature);
72       }
73   
74       public static void main(String[] args) {
75           PS06 ps06 = new PS06();
76   
77           // Setup -> (Public Key, Master Secret Key)
78           AsymmetricCipherKeyPair keyPair = ps06.setup(ps06.createParameters(256, 256));
79   
80           // Extract -> Secret Key for Identity "01001101"
81           CipherParameters secretKey = ps06.extract(keyPair, "01001101");
82   
83           // Sign
84           String message = "Hello World!!!";
85           byte[] signature = ps06.sign(message, secretKey);
86   
87           // verify with the same identity
88           assertTrue(ps06.verify(keyPair.getPublic(), message, "01001101", signature));
89   
90           // verify with another identity
91           assertFalse(ps06.verify(keyPair.getPublic(), message, "01001100", signature));
92       }
93   
94   }
95