CCLAS: A practical and compact certificateless aggregate signature with share extraction

Aggregate signatures are useful compact cryptographic schemes for reducing the size multiple individual signatures, which can be used in message size compactness and certificate chains reduction. Certificateless signature is a paradigm in overcoming the key escrow problem of identity-based cryptography schemes. In this paper, we construct a compact aggregate signature in the certificate-less public key settings, which performs a full aggregation needs that the aggregate signature length is the same as that of any individual signature. Furthermore, the proposed scheme can aggregate and extract an individual sig- nature expansively, and it also keeps the integrity of the remained aggregate signature. The security models, under two adversary models such as malicious KGC and malicious user, are also analyzed in the random oracle model. The proposed scheme is existentially unforgeable under adaptive chosen-message attacks and chosen-identity attacks assuming the computational DiffieHellman problem is hard.