An Efficient Certificateless Signature Scheme in the Standard Model

Identity-based cryptography has been introduced by Shamir at Crypto'84 to avoid the use of expensive certificates in certified public key cryptography. In such system, the identity becomes the public key and each user needs to interact with a designated authority to obtain the related private key. It however suffers the key escrow problem since the authority knows the private keys of all users. To deal with this problem, Riyami and Paterson have introduced, at Asiacrypt'03, the notion of certificateless public key cryptography. In this case, there is no need to use the certificate to certify the public key, and neither the user nor the authority can derive the full private key by himself. There have been several efforts to propose a certificateless signature (CLS) scheme in the standard model, but all of them either make use of the Waters' technique or of the generic conversion technique (proposed by Yum and Lee at ACISP'04 and later modified by Hu et al. at ACISP'06) which both lead to inefficient schemes. In this paper, we introduce a new and direct approach to construct a CLS scheme, secure in the standard model, with constant-size of all parameters and having efficient computing time. Our scheme is therefore very efficient when comparing to existing CLS schemes in the standard model.