Secure Identity-Based Blind Signature Scheme in the Standard Model *

The only known construction of identity-based blind signature schemes that are secure in the standard model is based on the generic approach of attaching certificates to ordinary (i.e. non-identity-based) blind signature schemes, and thus the identity-based blind signature schemes constructed using this method are somewhat inefficient and have long signature size. In this paper, we present the first direct construction of an identitybased blind signature scheme based on Waters ’ recently proposed identity-based encryption scheme and Paterson-Schuldt’s ID-based signature. Our identity-based blind signature scheme is communicationally efficient and only needs two data exchanges between the signer and the user, and the signatures are short. We prove that our scheme is concurrently secure in the standard model assuming that the computational Diffie-Hellman problem is hard