| A digital signature is a electronic method of signing a message stored in electronic form. which is the digital simulation of the"conventional"handwritten signature . The authentication, data integrity and non-repudiation can be provided by the digital signatures, and important applications occurred in many areas, such as E-commerce and E-governance. With the rapid development of economics and society, the standard signature, which is a simple simulation of handwritten signature, can not meet the applications any longer. Thus the digital signatures with addition functionality becomes a main research area.A signature scheme consists of two components: a signing algorithm and a verification algorithm. In a standard signature, the original message and the append signature are required for the verification algorithm. In 1994, Nyberg and Rueppel posed the signatures with message recovery[1,2]: the original message is not required for the verification algorithm, and only from the append signature, the original message can be recovered by implementing the verification algorithm. Therefore, in the signature scheme with message recovery, it is not necessary to transmit the original message after implementing the verification algorithm, and the bandwidth can be saved.In 1982, the definition of the blind signature was proposed by Chaum[3]. The blind signature can provide the user's anonymity in some areas such as the electronic cash. In 1984, Shamir proposed the identity-based cryptography[4]. And based on this, the large integer factorization problem is used to construct an identity-based signature. Compared to standard signatures, identity-based signature does not need the public key certificate, which has brought great convenience for applications. In 2001, Boneh and Franklin proposed the first practical identity-based public key cryptography by a bilinear pairing[10]. Since then, bilinear pairing becomes one of important tools to construct the identity-based cryptography and the identity-based signature.In order to shorten the overall length of the original message and the append signature in the identity-based signature, in 2005, Zhang Fangguo et al. proposed the identity-based partial recovery signatures by the bilinear pairing[8]. The identity based blind signature with message recovery combines three special features: identity based, message recovery and blind signature.In the identity-based blind signatures with message recovery posed by Song Han[5], Elkamchochi H[6] and Zhang Xuejun[7], the verifier is assumed to have the original message first, and then by the verification algorithm, one message can be calculated. At last, check whether the above two messages are the same or not, if same, then successful.This work exhibits two main aspects:First, one serious problem on the identity-based blind signatures with message recovery [5-7] is pointed out: Except for users who apply for the signature, the other can not verify the signature for lack of the original message. If the verifier has the original message, then there is no need to recover the original message. Thus these schemes degenerate into identity-based blind signatures.Second, together with literatures [5-8], a new identity-based blind signatures with message recovery is proposed, which solves the bug we found in the literatures [5-7]. This scheme is proved to be secure in the random oracle model. Finally, compared with the scheme in [7], our scheme is more efficient in computationa cost. |
PDF Full Text Request