Secret Sharing Based BLMQ Signature Generation

Abstract

BLMQ is an identity based signature scheme named with the initial letters of the surnames of its proposers, Paulo S.L.M. Barreto, Benoit Libert, Noel McCullagh, and Jean-Jacques Quisquater. It can be used in various applications and systems. However when applied in an end device without dedicated cryptographic hardware, such as a mobile phone, the identity based private key is stored in the permanent storage and used in the volatile memory, which suffers from potential key leakage. When applied in a resource constrained end device, such as an industrial sensor or actuator, the end device cannot afford to perform the complicated signature computation of the BLMQ scheme. To address these issues, this paper proposes a number of secret sharing based BLMQ signature generation schemes, with which an end device shares the secret of a private key with the dedicated cryptographic devices or systems with strong security protection. The end device and the dedicated cryptographic devices or systems collaborate to generate the signature with their respective shares when signing a message. The leakage of the secret share in the end device does not lead to the compromise of the whole private key. Further with the proposed schemes, a resource constrained or limited end device can leverage the dedicated cryptographic devices or systems to perform complex signature computations. The proposed schemes have a promising application prospect.