Attribute-based key-insulated signature and its applications

Abstract

In an attribute-based signature (ABS) system, a signature does not give proof of the identity of the individual who signed a message; it instead gives proof to a claim regarding the attributes that the underlying signer owns. For ABS, investigators have found many practical applications that require signer-attribute privacy. However, this approach is inadequate for handling scenarios in which the signing key is exposed due to viruses, worms or other break-ins that are allowed by operating-system holes. To overcome the limitation of existing ABS systems, we introduce the notion of an attribute-based key-insulated signature (ABKIS), in which signing keys are refreshed at discrete time periods via an interaction between the user and the helper (a physically-secure but computationally-limited device). We formalize this security model and propose a concrete ABKIS scheme, which is proven to be secure under the standard computational Diffie–Hellman assumption. Furthermore, as an application, a time-conditioned attribute-based proxy signature (TC-ABPS) is derived from our proposed ABKIS scheme. Another typical application of our scheme is for anonymous provider authentication in a bidirectional broadcasting service.