Improved certificate-based signature scheme without random oracles

Certificate-based cryptography is a useful primitive that combines traditional public key cryptography (PKC) and identity-based cryptography (IBC). It not only solves the key escrow problem inherent in IBC, but also simplifies the certificate problem in traditional PKC. So far, several certificate-based signature (CBS) schemes have been proposed in the literature. However, none of them consider the malicious certificate authority (CA) attack. Cryptanalysis shows that two previous CBS schemes without random oracles fail in achieving unforgeability under such attack. To overcome the security weakness in these schemes, the authors propose an improved CBS scheme that can withstand malicious CA attacks. They prove it to be existentially unforgeable against chosen message attacks under the computational Diffie-Hellman assumption in the standard model. Compared with the previous standard-model CBS schemes, the proposed scheme has obvious advantages in both the computation and communication efficiency.