Post on 09-Feb-2017
This article was downloaded by: [University of Connecticut]On: 10 October 2014, At: 08:56Publisher: Taylor & FrancisInforma Ltd Registered in England and Wales Registered Number: 1072954 Registeredoffice: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK
Journal of Discrete MathematicalSciences and CryptographyPublication details, including instructions for authors andsubscription information:http://www.tandfonline.com/loi/tdmc20
Identity-based directed proxy ringsignature schemeK. A. Ajmath a , P. Vasudeva Reddy b , B. Umaprasada Rao c & S. V.K. Varma aa Department of Mathematics , Sri Venkateswara University ,Tirupathi , A.P. , Indiab Department of Engg. Mathematics , Andhra University ,Visakhapatnam , A.P. , Indiac Department of Engg. Mathematics , Dr. L.B. College Engg. ForWomen , Visakhapatnam , A.P. , IndiaPublished online: 03 Jun 2013.
To cite this article: K. A. Ajmath , P. Vasudeva Reddy , B. Umaprasada Rao & S. V. K. Varma (2012)Identity-based directed proxy ring signature scheme, Journal of Discrete Mathematical Sciences andCryptography, 15:2-3, 181-192, DOI: 10.1080/09720529.2012.10698374
To link to this article: http://dx.doi.org/10.1080/09720529.2012.10698374
PLEASE SCROLL DOWN FOR ARTICLE
Taylor & Francis makes every effort to ensure the accuracy of all the information (the“Content”) contained in the publications on our platform. However, Taylor & Francis,our agents, and our licensors make no representations or warranties whatsoever as tothe accuracy, completeness, or suitability for any purpose of the Content. Any opinionsand views expressed in this publication are the opinions and views of the authors,and are not the views of or endorsed by Taylor & Francis. The accuracy of the Contentshould not be relied upon and should be independently verified with primary sourcesof information. Taylor and Francis shall not be liable for any losses, actions, claims,proceedings, demands, costs, expenses, damages, and other liabilities whatsoever orhowsoever caused arising directly or indirectly in connection with, in relation to or arisingout of the use of the Content.
This article may be used for research, teaching, and private study purposes. Anysubstantial or systematic reproduction, redistribution, reselling, loan, sub-licensing,systematic supply, or distribution in any form to anyone is expressly forbidden. Terms &
Conditions of access and use can be found at http://www.tandfonline.com/page/terms-and-conditions
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
* E-mail: ajjucrypto@yahoo.com† E-mail: vasucrypto@yahoo.com§ E-mail: umaprasadcrypto@yahoo.com¶ E-mail: svijayakumarvarma@yahoo.co.in
Identity-based directed proxy ring signature scheme
K. A. Ajmath 1, *
P. Vasudeva Reddy 2, †
B. Umaprasada Rao 3, §
S. V. K. Varma1, ¶
1 Department of MathematicsSri Venkateswara UniversityTirupathiA.P, India.2 Department of Engg. MathematicsAndhra UniversityVisakhapatnamA.P, India.3 Department of Engg. MathematicsDr. L.B. College Engg. For WomenVisakhapatnamA.P, India.
Abstract:Proxy ring signature scheme allows a proxy signer to sign messages on behalf of the
original signer while providing anonymity. In these schemes any verifi er can verify the proxy
signature and he can be sure that the message is indeed given out by the proxy signer group,
on the other hand, nobody can fi gure out who the proxy signer is. If the signed message is
sensitive to the signature receiver, the ordinary proxyring signature schemes seems to be not
suitable. To meet this requirement, in this paper, we proposed an ID-based directed proxy
ring signature scheme by combining the functionalities of directed signatures and proxy ring
signature scheme. This scheme is very useful in some applications where the anonymously
leaking information is sensitive to the signature receiver. We have discussed the security
requirements of the proposed scheme.
Keywords : Digital signatures, proxy signatures, ring signatures, directed signatures, bilinear Pairings.
Journal of Discrete Mathematical Sciences & CryptographyVol. 15 (2012), No. 2 & 3, pp. 181–192
© Taru Publications
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
182 K. A. AJMATH, P. V. REDDY, B. U. RAO AND S. V. K. VARMA
1. Introduction
A proxy signature scheme allows an entity, called original signer, to
delegate its signing capability to another entity, called proxy signer, to sign
messages on its behalf. The delegated proxy signer can compute a proxy
signature that can be verifi ed by anyone with access to the original sign-
er’s public key. Proxy signatures have found numerous practical appli-
cations, particularly in distributed computing where delegation of rights
is quite common; examples include e-cash system [12], mobile agents for
e-commerce [6], mobile communications [13], global distributed networks
[4] and distributed shared object systems [8].
Proxy ring signature schemes are proposed in the literature [10] to protect
the privacy of proxy signers. Proxy ring signature schemes can be viewed
as a combination of proxy signature and ring signature schemes, so these
schemes satisfi es all the requirements of general proxy signatures besides
the requirements of ring signatures. In these proxy ring schemes the origi-
nal signer delegates his signing power to many proxies, called proxy sign-
ers set (such as a public known directories). Then proxy signers can sign
messages on behalf of the original signer (while providing anonymity).
Any verifi er can verify the signature and can be sure that the secret is
indeed given out by the proxy signer group, on the other hand, nobody
can fi nd out who the proxy signer is. Proxy ring signature schemes have
been shown to be useful in various applications, such as electronic poling,
electronic payment, etc.
The fi rst proxy ring signature scheme was proposed by Zhang et al., [18] in 2003. Later, Lang et al., [5] proposed an improved ID-based proxy
ring signature scheme from bilinear pairings. In 2006, Li et al., [9] pre-
sented formally the defi nition and security model for proxy ring signa-
ture. Subsequently, they proposed a short proxy ring signature scheme,
with rigorous security proofs, which was assumed to be more eff icient
than the previous proxy signature schemes. In 2007 Amit et al., [1] pro-
posed another scheme based on Zhang et al., scheme. In 2009, Wu Lei et al., [7] proposed an eff icient ID-based proxy ring signature scheme. In 2010,
Jianyong Wang et al., [17] proposed a proxy ring signature scheme based
on bilinear pairings.
In the aforementioned signature schemes, any verifi er can verify the
validity of the proxy signature generated by a proxy signer on behalf of
the original signer. However consider the following situation: Suppose in
the above proxy ring signature schemes, if the signed message is sensi-
tive to the signature receiver and he/she wants to exclusively verify these
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
PROXY RING SIGNATURE SCHEME 183
signatures (messages), does not want to disclose the message, with others
knowing nothing about the message. With this verifi ability restriction the
aforementioned proxy ring signature schemes are not suitable.
To solve this problem, in this paper, we proposed a Directed Proxy
Ring Signature scheme in the identity based setting, which we call as
ID-based Directed Proxy Ring Signature (ID-DPRS) Scheme. This scheme
combines the properties of directed signature [11, 14, 15, 16] and proxy
ring signature schemes. In this scheme an entity (original signer) dele-
gates his signing power to a group of proxy signers. Any proxy signer
generates a proxy signature, to a designated verifi er, on behalf of the
original signer such that only the designated verifi er can directly verify
the signature and the designated verifi er can be sure that the secret is
indeed given out by the proxy signer group and he can’t fi gure out who
the proxy signer is. In case of necessary any other party can verify the
validity of the signature with the help of the aid provided proxy signer or
the designated verifi er.
The rest of the paper is organized as follows: Section 2 briefl y ex-
plains the bilinear pairings and some computational problems on which
our scheme is based. The syntax and security requirements of our ID-
DPRS scheme are given in Section3. We present our ID-DPRS scheme in
section 4. The correctness and security analysis of the proposed scheme
are given in Section 5. Section 6 concludes this paper.
2. Preliminaries
In this section, we will briefl y review the basic concepts on bilinear
pairings and some related mathematical problems.
2.1. Bilinear pairings
Bilinear pairing is an important cryptographic primitive and has been
widely adopted in many positive applications in cryptography.
Let G1 be a additive cyclic group generated by P, whose order is a
prime q, and G2 be a multiplicative cyclic group of the same order. A bilin-
ear pairing is a map :e G G G1 1 2"#t with the following properties:
(1) Bilinear: :e G G G1 1 2"#t for all ,P Q G! 1 .
(2) Non –degenerate : There exists ,P Q G1! such that ,e P Q 1!t] g .
(3) Computable : There is an eff icient algorithm to compute
, , .e P Q P Q Gfor all 1!t] g
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
184 K. A. AJMATH, P. V. REDDY, B. U. RAO AND S. V. K. VARMA
Such a pairing may be obtained by suitable modifi cation in the
weil-pairing or the Tate-pairing on an elliptic curve defi ned over a fi nite
fi eld [2].
2.2. Computational problems
Now, we give some computational problems, which will form the ba-
sis of security for our scheme.
• Decisional Diff ie-Hellman Problem (DDHP): For R, , ,a b c Z*q! given
, , ,P aP bP cP in ,G1 decide whether .modc ab q/
• Computational Diff ie-Hellman Problem (CDHP): For R, , ,a b c Z*q!
given , ,P aP bP in G1 compute abP.
• Bilinear Diff ie-Hellman Problem (BDHP) : For R, , ,a b c Z*q! given
, , ,P aP bP cP in G1 , compute ( , )e P P abct in G2 .
• Gap Diff ie-Hellman Problem : A class of problems, where DDHP can
be solved in polynomial time but no probabilistic algorithm exists
that can solve CDHP in polynomial time.
• Bilinear Pairing Inversion Problem (BPIP) : Given P G1! and
( , )e P Q G2!t , fi nd Q G1! .
As specifi ed in [1], the DDHP in G1 should be easy. The DDHP in
G2, the CDHP and DLP in both and should be hard. Also the BPIP should
be hard. The group with these conditions is called a Gap Diff ie-Hellman
(GDH) group.
3. Syntax and security requirements of ID-DPRS Scheme
The directed proxy ring signature scheme can be viewed as a
combination of a ring signature scheme and directed signature scheme.
Let O be the original signer with identity IDo and private key dIDo . He del-
egates his signing rights to many proxies, with identities of the proxy set
{ }, .L ID i n1i # #= The original signer IDo creates a warrant ~ , where
there is an explicit description of the delegation relation including the
identity of the original signer and the proxy signer, the message M to be
signed, the identity of the designated verifi er IDV , and so on.
Now we give a formal model for our ID-based Directed proxy ring
signature (ID-DPR) scheme. The ID-DPR scheme consists of the following
algorithms System Setup, Key Extraction, Proxy Delegation, Proxy Ring
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
PROXY RING SIGNATURE SCHEME 185
Signature Generation, Proxy Ring Signature Direct Verifi cation, Proxy
Ring Signature Public Verifi cation.
– Setup : On input security parameter 1k , KGC creates and publishes
system parameters and keeps a master secret key which is known
only by KGC.
– Extract : Given an identity ID of any entity, the PKG computes the
public key and corresponding secret key and sends it to the corre-
sponding entity through a secure channel.
– Proxy Phase : (Proxy delegation : Proxy delegation algorithms D
and B are interactive algorithms owned by the original signer IDo
and the proxy signer IDi . The input of each algorithm includes for
the designator and the proxy signer respectively. D also takes as the
input secret key of the designator, a message warrant . B also takes
as input the secret key of the proxy signer.
As a result of the interaction, the proxy signer obtains a proxy signing
key Skp that he will use to sign message on behalf of the original signer .
– Proxy Ring Signature Generation : The proxy ring signature genera-
tion algorithm, that takes a proxy signing key Skp, the designated
verifi er identity , a message M, a warrant and a set of identities L as
input; and outputs a proxy signature Psig.
– Proxy Ring Signature Direct Verifi cation : The proxy ring signature
direct verifi cation algorithm, which takes the identity of the original
signer and a set of identities L, a message M a warrant and a proxy
signature as input; output “ accept” if the directed proxy signature
is valid, or “reject” otherwise.
– Proxy Ring Signature Public Verifi cation : The proxy ring signa-
ture public verifi cation algorithm, runs by any third party(other
than proxy signer and the designated verifi er), takes the identity of
the original signer , identity of proxy signer , identity of the desig-
nated verifi er , a message M, a warrant , an Aid which is provided
by either the proxy signer or the designated verifi er and a directed
proxy ring signature as input; outputs “ accept” if the directed proxy
signature is valid or “reject” otherwise.
Security requirements :A directed proxy ring signature scheme should provide the following
properties.
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
186 K. A. AJMATH, P. V. REDDY, B. U. RAO AND S. V. K. VARMA
1. Unforgeability : A proxy signer can create a valid proxy ring signa-
ture for the original signer. But the original signer and other third
parties who are not authorized as a proxy signer can’t create it.
2. Signer ambiguity : given message M, its proxy ring signature, and
the set of ring members, it is infeasible to fi nd out who is the actual
signer.
3. Distinguishability : Everyone can distinguish proxy’s normal ring
signatures from his proxy ring signatures.
4. Non-deniability : Once a proxy signer creates a valid proxy ring
signature of an original signer, he can’t repudiate the signature cre-
ation.
4. Proposed ID-based Directed Proxy Ring Signature Scheme (ID-DPRS)
In this section, we propose our ID-based Directed Proxy Ring Sig-
nature Scheme using bilinear pairings. The proposed ID-DPRS scheme is
described as follows.
– System Setup : Let G1 be a GDH group of prime order q generated
by P, and 2G be a multiplicative cyclic group of same order q; and a
bilinear pairing :e G G G1 1 2"#t . PKG picks a random master secret
key x Z*q! and sets P xPpub = . PKG also chooses two hash functions
: ,H G0 1 *1"1 ! + and : ,H Z0 1 *
2*" q! + . PKG publishes the system pa-
rameters as , , , , , , , ,params G G q P P H H e 1 2 2pub$ $= 1t] g" , and keeps
the maser key x as secret.
– Key Extract : Given a unique identity ,ID 0 1 *! ! + , PKG computes
the public key Q H ID G1 1!=ID] g and the corresponding private key
as d xQID ID= .
The original signer and the proxy signer submits their identity infor-
mation ,ID ID s n1 , o s # # to the PKG. PKG computes public/private key
pairs and return them to the original signer and the proxy signer respec-
tively. In this way, the public and private keys of the original signer and
the proxy signer can be denoted as ( , )Q dID IDo o and ( , )Q dID IDs s .
– Proxy Delegation D : In order to delegate the signing power to the
user IDs , the original signer creates warrant and then computes
( )S H dID2 o~=~ . The original signer sends , S~ ~ to the proxies
group , , ......,L ID ID ID1 2 n= ! +.
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
PROXY RING SIGNATURE SCHEME 187
P : Given S~ and ~ , the proxy signer ,ID s n1s # # , checks the
equation ( , )e S p =~t ( ( ) , )e H Q P2 ID pubo~t . If it holds, he computes the
proxy signing key as ( )d H d SID ID2s s~= + ~l .
– Proxyring signature generation : Assume that the proxy signer
ID Ls ! wants to from a directed ring signature scheme on a mes-
sage M on behalf of a set of n proxy signers (proxy members)
, , ........,L ID ID ID 1 2 n= ! +.
Given proxy signing key dIDsl , the proxy signer IDs signs a message
M, on behalf of a proxy group of the original signer, to a designated veri-
fi er IDV as follows. The proxy signer IDs does the following.
(1) Choose r Z*i q! and computes ,R r P Gi i 1!=
, , ........, \ .h H M L R i n s1 2 i i2 6< < != ^ h " !, +
(2) Choose r Z*s q! and computes
( )R r Q Qs s ID ID= +os
{ },R h Qi s
i ID- +!
i i/
, ,W e r Q ds s ID IDV s= t^ h
W r Qs ID= s .
(3) Computes
,h H M L R Ws s s2 < < <= ^ h
( ) ,P H Ppub2 ~=l
( ) .V r h d h Ss s ID ss= + - ~l
The directed proxy ring signature on message M is
{ { }, , , }R V W P i
i
n
1
v ==
l' .
– Proxy ring signature derect verifi cation : The verifi cation of an ID-
based directed proxy ring signature by the designated verifi er that
receives the tuple is as follows.
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
188 K. A. AJMATH, P. V. REDDY, B. U. RAO AND S. V. K. VARMA
(1) IDV computes ( ( , )),h H M L R e d Ws i ID2 V< < <= t
{ , , ......, }i n1 2 6 !
(2) Check the equality ( , ( )) ( , )e P R h Q e P Vi i ID
i
n
1
i+ ==
lt t/ (1)
The designated verifi er accepts the signature as a valid proxy ring
signature iff the above equality holds. Otherwise he rejects the signature.
– Proxy ring signature public verifi cation : In case of trouble or if nec-
essary, any other party T can verify the validity of the proxy ring sig-
nature v with the help of the ( , ) ( , )Aid e d r Q e d WID s ID IDs V V= =t tprovided by either the proxy signer IDs or the designated verifi er
.IDV Now with this Aid, T computes ( )h H M L R Aidi i2 < < <= and
verifi es the equation (1). T accepts the signature iff equation (1)
holds. Otherwise he rejects the signature.
5. Analysis of the proposed ID-DPRS Scheme
In this section fi rst we show that the correctness and then we discuss
the security and performance analysis of the proposed ID-DPRS scheme.
5.1. Proof of correctness:
,e P R h QIDi
n
1
+=
ii ilt ^c hm/
,e P R h Q R h Q, , ,
s ID ID
i n
i s
s
1 2
= + + +f
!
!
iis ilt ^ ^e h ho" ,
/
,e P r Q Q h Q= + + sID IDss IDo slt ^^^ h hh
,e P r h Q Q h Q= + + -s sID IDss IDo slt ^ ^^^ h h hh
,e P H r h d d h Ss~= + + - ~IDs IDs osolt ^ ^ ^^^ h h h hh
,e P r h d h Ss= + - ss IDs ~t ^^^ h hh
, .e P V= t^ h
So, if the directed proxy ring signature is generated by a valid mem-
ber in the ring, the verifi cation check is passed, our scheme is verifi able.
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
PROXY RING SIGNATURE SCHEME 189
5.2. Security analysis
The proposed ID-DPRS scheme satisfi es the following security re-
quirements.
(1) Unforgeability. Because both original signer and proxy signer gen-
erates a signature on the warrant ~ based on the Chow et al., sig-
nature scheme [3], and Chow et al., signature scheme proved to be
secure. So that no adversary can forge the signature on the warrant
~ even he get ~ and S~ . Given the set , , ,L ID ID IDnf= 21" , of
all ring members, when an adversary attempts to generate a valid
proxy ring signature for message m, we can forge his identity ID j
and get a key pair j ,Q dID IDj^ h from the KGC. To get a valid proxy
key, the adversary has to ensure j( ) ( ),H ID H IDs= 11 it is impossible
because of the one-way property of a strong cryptographic hash
function.
Moreover, even the original signer can’t create a valid proxy ring
signature because the private key of the proxy signer dIDs is in-
volved in the proxy key dIDsl . So the proxy ring signature in our
scheme is unforgeable.
(2) Signer Anonymity : If v is a valid proxy ring signature, IDs is one
of the ring member. The probability that the signature v gener-
ated by IDs is computed to be /( )( ) ( )( ) .q q n q nq1 1 12 f- - + --
The probability is the same for all the ring members. In the signing
phase ( )R i s!i and rs are randomly and uniformly choosed, so hi
is uniformly distributed in Z*q . No matter which ring member is
the actually proxy signer, the probability of a valid proxy signature
generation is equal for all the ring members. So for any adversary,
except for the original signer, even with unbounded computing re-
sources, can only output the actual signature with a probability no
better than /n1 . That is, our scheme satisfi es the property of signer
anonymity.
(3) Non-Deniability : Once a proxy signer generates a valid proxy ring
signature, he cannot repudiate the fact to the original signer because
he has embedded his identity information is warrant ~ . (Thus once
a proxy signer creates a valid proxy ring signature of an original
signer, he can’t repudiation the signature creation).
(4) Distinguishability : Everyone can distinguish proxy’s normal ring
signatures from his proxy ring signatures, because the proxy signa-
ture key is diff erent from his own private key.
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
190 K. A. AJMATH, P. V. REDDY, B. U. RAO AND S. V. K. VARMA
5. Conclusion
In this paper we proposed an ID based directed proxy ring signature
(IID-DPRS) scheme, which combines the properties of both proxy ring
signature and directed signature schemes. In this scheme an entity (origi-
nal signer) delegates his signing capability to a group of proxy signers.
Any proxy signer can generates a proxy signature, to a designated veri-
fi er, on behalf of the original signer such that only the designated verifi er
can directly verify the signature and the designated verifi er can be sure
that the secret is indeed given out by the proxy signer group and he can’t
fi gure out who the proxy signer is. In case of necessary any other party
can verify the validity of the signature with the help of the aid provided
proxy signer or the designated verifi er. The proposed scheme satisfi es un-
forgeability, signer anonymity, non-deniability, and distinguishable prop-
erties. The proposed ID-DPRS scheme plays a very important role in some
applications where the anonymously leaking information is sensitive to
the signature receiver.
References
[1] K. Amit, L. Sunder, “ID-based ring signature and proxy ring sig-
nature schemes from bilinear pairings”, Internal Journal of Network Security, Vol. 4(2), 2007, pp. 187–192.
[2] D. Boneh and M. Franklin. “Identity Based Encryption from the Weil
pairing”. Advance in CRYPTO’01, LNCS 2139, Springer-Verlag, 2001,
pp.213–229.
[3] S. Chow, S. Yiu, and L. C. K. Hui, “Eff icient Identity Based Ring Sig-
nature”, Third International Conference, ACNS 2005, Lecture Notes in Computer Science, LNCS 3531, Springer-Verlag, Berlin, 2005, pp.
499–512.
[4] Foster, C. Kesselman, G. Tsudik, and S. Tuecke, “A security archi-
tecture for computational grids”, In: Proc. 5th ACM Conference on
Computer and Communications Security (CCS’98), ACM Press, 1998,
pp. 83–92.
[5] W. M. Lang, Z. K. Yang, W. Q. Cheng,” An improved identity-based
proxy ring signature scheme”, High Technology Letters, Vol. 11(1),
2007, pp. 17–19.
6] B. Lee, H. Kim and K. Kim, “Secure mobile agent using strong non-
designated proxy signature” In: Information Security and Privacy
(ACISP’01) LNCS 2119, Springer-Verlag, 2001, pp. 474–486.
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
PROXY RING SIGNATURE SCHEME 191
[7] W. Lei, Li Daxing. An Eff icient ID-Based Proxy Ring Signature
Scheme”, Proceedings of the 2009 WRI International Conference on Com-munications and Mobile Computing, Vol. 3, 2009, pp. 560–563.
[8] J. Leiwo, C. Hanle, P. Homburg, A. S. Tanenbaum, “Disallowing
unauthorized state changes of distributor shared objects”, In: In-
formation Security for Global Information Infrastructures (SEC’01),
Kulwar, 2001, pp. 381–390.
[9] J. Li, X.F. Chen, T.H. Yuen. “Proxy ring signature: formal defi nitions,
eff icient construction and new variant”, In: Proceedings of CIS 2006.
USA: IEEE Press, 2006, pp. 1259–1264.
[10] Lingling Wang, Guoyin Zhang, Chunguang Ma, “A Survey of ring
signatures” Frontiers of Electrical and Electronic Engineering in China,
Springer- Verlag, Vol. 3(1), 2008, pp. 10–19.
[11] R. Lu, Z. Cao. A Directed Signature Scheme based on RSA
Assumption. International Journal of Network Security, Vol. 2(3),
2006, pp. 182–186.
[12] Okamoto, M. Tada, E. Okamoto, “Extended proxy signatures for
smart cards”, In: Information Security Workshop (ISW’99), LNCS
1729, Springer-Verlag, 1999, pp. 247–258, .
[13] H. U. Park, I.Y. Lee, “A digital nominative proxy signature scheme
for mobile communications”, In: Information and Communication
Security (ICICS’01), LNCS 2229, Springer- Verlag, 2001, pp.
451–455.
[14] X. Sun, Jian-hua Li, Gong-liang Chen, Shu-tang Yung. Identity-Based
Directed Signature Scheme from Bilinear Pairings. IACR, Cryptology
e- print Archive, Report 2008/305, 2008. http:// eprint.iacr.org.
[15] B. Umaprasada Rao, P. Vasudeva Reddy, T. Gowri. “An Eff icient
ID-based Directed Signature Scheme from Bilinear Pairings”. IACR,
Cryptology IACR, e-print Archive, Report 2009/617, 2009. http://
eprint.iacr.org/.
[16] P. Vasudeva Reddy, B. Umaprasada Rao, T. Gowri, “ID-based direct-
ed proxy signature scheme from bilinear pairings”, Journal of Discrete Mathematical Sciences & Cryptography, Vol. 13(5), 2010, pp. 487–500.
[17] J. Wang, Fang Zheng, Junxia Li, Yu Huang, “Proxy Ring Signature
Based on Bilinear Scheme,” Second International Conference on
Networks Security, Wireless Communications and Trusted Computing,
Vol. 1, 2010, pp. 542–545.
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4
192 K. A. AJMATH, P. V. REDDY, B. U. RAO AND S. V. K. VARMA
[18] F. G. Zhang, S. N. Reihaneh, “C. Y. Lin New proxy signature, proxy
blind signature and proxy ring signature schemes from bilinear
pairings”, Available at http://eprint.iacr.org/2003/104.
Received November, 2011
Dow
nloa
ded
by [
Uni
vers
ity o
f C
onne
ctic
ut]
at 0
8:56
10
Oct
ober
201
4