Abstract Key exposure problem is a very serious problem for identity-based signatures. Once the secret key is exposed in identity-based signatures, all signatures generated from this secret key will become insecure. To mitigate this serious damage, the intrusion-resilient mechanism has been introduced into identity-based signatures. However, all existing schemes can only be proven secure in random oracles. As we know, security proofs in random oracles do not always imply the security of actual schemes in the real world. In order to deal with this problem, in this paper, we propose the first intrusion-resilient identity-based signature (IRIBS) scheme that can be proven secure in the standard model. In the proposed scheme, the homomorphic structure in the key update is employed to refresh secret keys in one time period. It makes the scheme achieve the intrusion resilience when key exposure happens. In addition, we also provide the first solution for how to generically construct IRIBS schemes. We make use of the separable structure between the user's key material used for updating and that used for the actual signing. As a result, our solution can produce IRIBS schemes from forward-secure identity-based signature (FSIBS) schemes with a special property. This contribution will also simplify the future designs of IRIBS schemes and FSIBS schemes.

Load

Load