J.Shanghai Jiaotong Univ.(Sci.),2008,13(1):110—115
DOh 10.1007/s12204—008—01 10一z
Identity-based Verifiably Com mitted Signature Schem e
without Random Oracles
SUN Xunh(孙 迅), LI Jian—hua , (李建华), CHEN Gong—liang2(陈恭亮)
(1.Department of Electronic Engineering,Shanghai Jiaotong University,Shanghai 200240,China;
2.School of Information Security Engineering,Shanghai Jiaotong University,Shanghai 200240,China)
Abstract:An identity—based verifiably committed signature scheme(IB—VCS)was proposed,which is proved
secure in the standard model(i.e.,without random oracles).It enjoys the setup—free property and stand—alone
property,both of which make an exchange protocol more practica1.The scheme is unconditionally secure against
the cheating signer,its security against the cheating verifier is reduced to the computational Dime-Helman
(CDH)problem in the underlying group,it is secure against the cheating trusted third party if the underlying
Paterson Schuldt’s identity based signature fIBS)scheme is secure,which is proven true based on the CDH
assumption in the standard mode1.
Key words: bilinear pairings;identity—based verifiably committed signature scheme;stan dard model
CLC number:TP 31 1 Docum ent code:A
Introduction
Fair exchange protocol[ ]plays an important role in
electronic commerce and digital rights management.
Informaly,a fair exchange protocol aims to enable two
parties,who do not trust each other,to exchange their
items(digital signatures or e-merchandize