Anonymous, Timed and Revocable Proxy Signatures

A proxy signature enables a party to delegate her signing power to another. This is useful in practice to achieve goals related to robustness, crowd-sourcing, and workload sharing. Such applications usually require delegation to satisfy several properties, including time bounds, anonymity, revocability, and policy enforcement. Despite the large amount of work on proxy signatures in the literature, none of the existing schemes satisfy all these properties; even there is no unified formal notion that captures them. In this work, we close this gap and propose an anonymous, timed, and revocable proxy signature scheme. We achieve this in two steps: First, we introduce a tokenizable digital signature based on Schnorr signature allowing for secure distribution of signing tokens (which could be of independent interest). Second, we utilize a public bulletin board and timelock encryption to support: (1) one-time usage of the signing tokens by tracking tokens used so far based on unique values associated to them, (2) timed delegation so that a proxy signer cannot sign outside a given period, and (3) delegation revocation allowing the original signer to end a delegation earlier than provisioned. All of these are done in a decentralized and anonymous way; no trusted party is involved, and no one can tell that someone else signed on behalf of the original signer or even that a delegation took place. We define a formal notion for proxy signatures capturing all these properties, and prove that our construction realizes this notion. We also introduce several design considerations addressing issues related to deployment in practice

Proxy signature with revocation

Proxy signature is a useful cryptographic primitive that allows signing right delegation. In a proxy signature scheme, an original signer can delegate his/her signing right to a proxy signer (or a group of proxy signers) who can then sign documents on behalf of the original signer. In this paper, we investigate the problem of proxy signature with revocation. The revocation of delegated signing right is necessary for a proxy signature scheme when the proxy signer\u27s key is compromised and/or any misuse of the delegated right is noticed. Although a proxy signature scheme usually specifies a delegation time period, it may happen that the original signer wants to terminate the delegation before it is expired. In order to solve this problem, in this paper we propose a new proxy signature scheme with revocation. Our scheme utilises and combines the techniques in the Naor-Naor-Lotspiech (NNL) framework for broadcast encryption, the Boneh-Boyen-Goh (BBG) hierarchical identity-based encryption and the Boneh-Lynn-Shacham (BLS) short signature scheme and thereby constructing an efficient tree-based revocation mechanism. The unrevoked proxy signer only needs to generate evidences for proving that he/she is a valid proxy signer once in per revocation epoch, and the verifier does not need a revocation list in order to verify the validity of a proxy signature