An efficient certificateless aggregate signature without pairing

Abstract

Aggregate signature scheme enables an algorithm to combine n signatures of n distinct messages from n users into a single short signature. The resulting aggregate signature can convince the verifier that the n users indeed sign the n messages. Since it greatly reduces the total signature length and verification cost, this primitive is useful especially in environments with low band width communication, low storage and low computability. The notion of certificateless public key cryptography which eliminates the use of certificates in certified public key cryptography and the key-escrow problem in identity-based cryptography was introduced. In this paper, we present the first certificateless aggregate signature scheme which is immune against bilinear pairings and has the advantages of both aggregate signatures and certificateless cryptography. Without the heavy computation of bilinear pairings, our proposed scheme is efficient and practical in both communication and computation for many-to-one authentication. The scheme is also proven existentially unforgeable against adaptive chosen-message attacks under the hardness of breaking elliptic curve discrete logarithm problem.