In an identity-based signature (IBS) system, each user uses his/her individual information as the public key and holds a private key issued by a fully trusted key generation center (KGC) using a master secret key. This removes the need for a public key infrastructure, which has motivated the wide deployment of IBS in various fields. In practice, however, IBS provides its intended security guarantee only as long as the secret keys remain unrevealed. On the one hand, once a user's secret key is leaked, an adversary can use it to create valid signatures on any message, which invalidates all signatures produced by that user. On the other hand, and worse, once the master secret key is disclosed, all users' signatures become useless, since the adversary can derive any user's private key from it. In this paper, to reduce the damage caused by secret key leakage in an IBS system, we introduce system-wide and fine-grained forward-secure IBS (SWFG-fs-IBS). In this primitive, the master secret key is punctured immediately after a secret key is issued for a new user, so that it can no longer issue a secret key for that same user. Similarly, each user's private key is punctured after signing a message, which prevents an exposed private key from creating signatures on previously signed messages. Concretely, we first define the syntax and security notions of SWFG-fs-IBS, and then propose a concrete construction with provable security. Theoretical analysis indicates that our proposal provides stronger and more practical forward security than previous fs-IBS schemes. We also provide an implementation of our proposal and present extensive experiments to demonstrate its feasibility.