Strongly secure certificateless signature scheme supporting batch verification (Q1719253)

Summary: We propose a strongly secure certificateless signature scheme supporting batch verification, which makes it possible for a verifier to verify a set of signatures more efficiently than verifying them one by one. In an identity-based digital signature scheme, private key generator (PKG) knows each user's signing key, so it can generate a signature which is indistinguishable from the signature generated by the user. This is a serious problem because the property of signature nonrepudiation will not be achieved. In our proposed scheme, it is impossible for PKG to produce a signature which is indistinguishable from any signature produced by a user. Compared with existing signature schemes with batch verification, although our proposed scheme is not the most efficient one, it achieves Girault's level-3 security, while the others have Girault's level-1 or level-2 security only. We also formally prove that the proposed scheme is unforgeable and satisfies Girault's level-3 security based on hard problems.