Efficient and Provably Secure Distributed Signing Protocol for Mobile Devices in Wireless Networks

Abstract

Rapid advances in wireless communications, hardware/software, and Internet technologies have contributed to an exponential growth in the number of users accessing the Internet using mobile, wearable or other Internet of Things devices. Identity-based signature schemes have been widely applied to enforce user authorization and validate user messages in mobile wireless networks. However, the user’s private key used to generate signatures is prone to leakage because the key is being stored on the mobile device. Several ( t, n ) threshold secret sharing schemes have been proposed to address the issue. One limitation is that the private keys in most of those schemes have to be recovered on a single device when generating signatures, so that the user who holds the device can sign any message without the participation of other users. To address the recovery limitation, we propose an efficient and secure two-party distributed signing protocol for the identity-based signature scheme in the IEEE P1363 Standard, where two users can generate a valid signature without recovering the whole private key. We formally prove its security under a nonstandard assumption. We also implemented our proposed protocol using the MIRACL Cryptographic software development kit. The experimental results obtained show that the time it takes for two general Android devices to generate a signature is about 709.53 ms.