A fair concurrent signature scheme based on identity

Abstract

The concept of concurrent signatures was introduced by Chen, Kudla and Paterson at Eurocrypt 2004, which allows two parties to produce two ambiguous signatures until the initial signer releases an extra piece of information (called keystone). Once the keystone is released, both signatures are bound to their true signers concurrently. However, Susilo, Mu and Zhang pointed out the original concurrent signature is not ambiguous to any third party if both signers are known to be trustworthy, and further proposed perfect concurrent signatures to strengthen the ambiguity of concurrent signatures in ICICS 2004. Unfortunately, Susilo et al.'s schemes are unfair for the matching signer because they enable the initial signer to release a carefully prepared keystone that binds the matching signer's signature, but not the initial signer's. Therefore, we present a fair identity based concurrent signature in an effective way to correct these flaws in ambiguity and fairness. Moreover, our scheme is more efficient than other concurrent signature schemes based on the bilinear paring. © 2010 Springer-Verlag.