Identity-based Aggregate Signatures with Verifiable Single Ones

In an aggregate signature scheme, different signatures from different signers on different messages can be aggregated to reduce the cost of computation and communication. Using an identity-based signature method, any one can verify signatures by the identity of the signer without transmitting certificates. Currently, in most identity-based aggregate signature schemes, aggregate signature verification might require complex pairing operations, or some interactions among the signers might be required. In addition, the individual signatures in those aggregate signatures are often insecure or restricted in special scenarios, which does not satisfy the requirement that an individual signature can be used independently and can also be aggregated on-demand. This paper tries to address this issue by proposing an identity-based aggregate signature scheme in which an individual one can be securely and conveniently used. Our scheme is efficient with constant paring operation, and different signers can concurrently sign different messages. The security of our scheme is proved in the random oracle model