Publication Type

Journal Article

Version

publishedVersion

Publication Date

12-2021

Abstract

Functional signatures (FS) enable a master authority to delegate its signing privilege to an assistant. Concretely, the master authority uses its secret key sk(F) to issue a signing key sk(f) for a designated function f is an element of F-FS and sends both f and sk(f) to the assistant E, which is then able to compute a signature sigma(f) with respect to pk(F) for a message y in the range of f. In this paper, we modify the syntax of FS slightly to support the application scenario where a certificate of authorization is necessary. Compared with the original FS, our definition requires that F-FS is an injective function family and for any f(0), f(1) is an element of F-FS there does not exist an intersection between range(f(0)) and range(f(1)). Accordingly, we redefine the security of FS and introduce two additional security notions, called unlinkability and accountability. Signatures sigma(f) in our definition do not expose the intention of the master authority. We propose two constructions of FS. The first one is a generic construction based on signatures with perfectly re-randomizable keys, non-interactive zero-knowledge proof (NIZK) and traditional digital signatures, and the other is based on RSA (Rivest-Shamir- Adleman) signatures with full domain hash and NIZK. We prove that both schemes are secure under the given security models.

Keywords

cloud computation security, digital signature, functional signature, non-interactive zeroknowledge proof, e-commerce

Discipline

E-Commerce | Information Security

Research Areas

Information Systems and Management

Publication

Science China Information Sciences

Volume

64

Issue

12

First Page

1

Last Page

13

ISSN

1674-733X

Identifier

10.1007/s11432-019-2855-3

Publisher

Springer Verlag (Germany)

Additional URL

http://doi.org/10.1007/s11432-019-2855-3

Share

COinS