**A Secure Proxy Signature Scheme with Delegation by Warrant**

**Constantin POPESCU**

Department of Mathematics and Computer Science, University of Oradea

Oradea 410087, Romania

**Abstract**: A proxy signature scheme is a variation of the ordinary digital signature schemes which enables a proxy signer to generate signatures on behalf of an original signer. In this paper, we present a secure proxy signature scheme. Our proxy signature scheme is based on the difficulty of solving the discrete logarithm problem. We prove that our proxy signature scheme meets all the security requirements for a proxy signature scheme.

**Keywords**: Cryptography, proxy signature, proxy signer, delegation, discrete logarithm problem, warrant.

**>>Full text**

**CITE THIS PAPER AS**:

Constantin POPESCU, **A Secure Proxy Signature Scheme with Delegation by Warrant**, *Studies in Informatics and Control*, ISSN 1220-1766, vol. 20 (4), pp. 373-380, 2011.

**1. Introduction**

The concept of the proxy signature scheme was first introduced by Mambo et al. [9] in 1996. Their proxy signature scheme allows the original signer to delegate his/her signing right to the proxy signer to sign a message on behalf of the original signer. Afterwards, a verifier, which knows the public keys of the original signer and the proxy signer, can verify the validity of the proxy signature issued by the proxy signer.

The proxy signature scheme is classified in two criteria [9]: the delegation technique and generating the proxy signature. There are three types in the first criterion: full delegation, partial delegation and delegation by warrant. In a full delegation proxy signature scheme, a proxy signer uses the same private key as the original signer and generates a proxy signature as the original signer does. The disadvantage of the full delegation comes from the difficulty of distinguishing between the original signer and the proxy signer. In the partial delegation proxy signature scheme, an original signer derives a proxy key from his private key and sends it to a proxy signer in a secure channel. In a proxy signature scheme with delegation by warrant, the original signer gives a proxy signer a special message, namely, warrant. A warrant certifies that the proxy signer is legal and consists of signers’ identity, delegation period and the types of the message on which the proxy signer can sign.

Also, there are two types in the second criterion: protected and unprotected proxy signature schemes. In an unprotected proxy signature scheme, the proxy signature is generated by the both the proxy signer and the original signer. In this case, the verifier cannot distinguish the identity of the signer. In a protected proxy signature scheme, the proxy signature is generated with the proxy signature key of the original signer and also with the private key of the proxy signer. Afterwards, a verifier validates the proxy signature with the public keys of both the original signer and the proxy signer.

Proxy signature schemes are useful in many applications such as electronic payment systems [3], [15], [17], [18] and wireless networks [7], [26].

A lot of proxy signature schemes and some ID-based proxy signature schemes with special features were proposed, such as identity-based multi-proxy signature [1], [2], identity-based strong designated verifier proxy signature [28], [30].

Okamoto et al. [14] proposed a proxy unprotected signature scheme based on the RSA assumption. Also, in 2001, Lee et al. [7] proposed a proxy protected signature scheme based on the RSA assumption. Unfortunately, Wang et al. [27] point out that Lee et al.’s [7] proxy signature scheme is insecure. The first proxy signature scheme based on the factoring integer problem is proposed by Shao [22], in 2003. Recently, Zhou et al. [31] proposed two efficient proxy protected signature schemes. Their first scheme is based on RSA [20] assumption and the second scheme is based on the integer factorization problem. Zhou et al. [31] claim that their schemes are more efficient than other schemes. However, Park et al. [16] point out their schemes are insecure. Moreover, Liu et al. [8] point out that Zhou et al.’s [31] schemes are vulnerable to the undelegated proxy signature attack: any attacker without the delegation of the original signer can generate a valid proxy signature. Xue et al. [29] proposed two proxy signature schemes based on the difficulty of factorings of large integers without formal security proofs. Recently, Shao [24] proposed proxy protected signature scheme based on RSA. Also, most proxy signature schemes are based on the difficulty of discrete logarithm problem [4] or elliptic curve discrete logarithm problem [6], [11], [19], [25].

Mambo et al. [9], [10] proposed three proxy signature schemes based on ElGamal’s signature scheme [5], Schnorr’s signature scheme [21], and Okamoto’s signature scheme [13].

In 1996, Mambo, Usuda and Okamoto, first defined the basic security properties of a proxy signature scheme as follows [9], [10]:

**Verifiability**: From a proxy signature, a verifier can be convinced of the original signer’s agreement on the signed message.

**Strong unforgeability**: A proxy signer can create a valid proxy signature on behalf of the original signer. However, the original signer and any third party cannot generate a valid proxy signature with the name of proxy signers.

**Strong identifiability**: From a proxy signature, anyone can determine the identity of the corresponding proxy signer.

**Strong undeniability**: Once a proxy signer generates a valid proxy signature on behalf of the original signer, the proxy signer cannot deny his signature generation against anyone.

**Prevention of misuse**: It should be confident that the proxy key pair cannot be used for other purposes. In the case of misuse, the responsibility of proxy signers should be determined explicitly.

In this paper we propose a secure proxy signature scheme based on the discrete logarithm problem. The proposed proxy signature scheme is derived from the Shao’s signature scheme [23]. Our proxy signature scheme inherits the strength security properties of the signature scheme proposed in [23]. Also, we give an elliptic curve version of our proxy signature scheme.

The rest of this paper is organized as follows. In the next section we review the model of a proxy signature scheme. Then we present our proxy signature scheme in the section 3 and in the section 4 we give an elliptic curve version of our proposed proxy signature scheme. Furthermore, we discuss some aspects of security in the section 5. The section 6 concludes the work of our paper.

**REFERENCES**

- CAO, F., Z. F. CAO,
**A Secure Identity-based Proxy Multi-signature Scheme**, Information Sciences, 2009, vol. 179, pp. 192-302. - CAO, F., Z. F. CAO,
**A Secure Identity-based Multi-proxy Signature Scheme**, Computers and Electrical Engineering, vol. 35, 2009, pp. 86-95. - CHAUM, D., A. FIAT, M. NAOR,
**Untraceable Electronic Cash**, Proc. of - CHEN, I., M. CHANG, Y.-S. YEH,
**Design of Proxy Signature in the Digital Signature Algorithm (DSA)**, Journal of Information Science And Engineering, vol. 22, 2006, pp. 965-973. - ELGAMAL, T.,
**A Public Key Cryptosystem and Signature Scheme Based on Discrete Logarithms**, IEEE Transactions IT-31(4), 1985, pp. 469-472. - KOBLITZ, N.,
**Elliptic Curve Cryptosystems**, Mathematics of Computation, vol. 48, 1987, pp. 203-209. - LEE, B., H. KIM, K. KIM,
**Secure Mobile Agent using Strong Nondesignated Proxy Signature**, Proc. of the Australasian Conference on Information Security and Privacy, LNCS 2119, 2001, pp. 474-486. - LIU, Y., H. WEN, C. LIN,
**Proxy-Protected Signature Secure Against the Undelegated Proxy Signature Attack**, Computers and Electrical Engineering, vol. 33(3), 2007, pp. 177-185. - MAMBO, M., K. USUDA, E. OKAMOTO,
**Proxy Signatures: Delegation of the Power to Sign Messages**, IEICE Transactions on Fundamentals, vol. E79-A, 1996, pp. 1338-1354. - MAMBO, M., K. USUDA, E. OKAMOTO,
**Proxy Signatures for Delegating Signing Operation**, Proc. Third ACM Conference on Computer and Communications Security, ACM press, 1996, pp. 48-57. - MENEZES, A., D. JOHNSON, S. VANSTONE,
**The Elliptic Curve Digital Signature Algorithm (ECDSA)**, International Journal of Information Security, vol. 1(1), 2001, pp. 36-63. - NIST,
**Secure Hash Signature Standard (SHS)**, National Institute of Standards and Technology, FIPSP 180-2, 2002. - OKAMOTO, T.,
**Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes**, Advances in Cryptology – CRYPTO’92, Springer-Verlag, 1983, pp. 31-53. - OKAMOTO, T., M. TADA, E. OKAMOTO,
**Extended Proxy Signatures for Smart Cards**, Proc. of Information Security Workshop (ISW’99), LNCS 1729, Springer-Verlag, 1999, pp. 247-58. - OROS, H., POPESCU C.,
**A Secure and Efficient Off-line Electronic Payment System for Wireless Networks**, International Journal of Computers, Communications and Control, vol. 5(4), 2010, pp. 551-557. - PARK, J. H., B. G. KANG, J. W. HAN,
**Cryptanalysis of Zhou et al.’s Proxy-protected Signature Schemes**, Applied Mathematics and Computation, vol. 169(1), 2005, pp. 192-197. - POPESCU, C.,
**An Electronic Cash System Based on Group Blind Signatures**, Informatica, vol. 17, 2006, pp. 551-564. - POPESCU, C.,
**A Secure and Efficient Off-line Electronic Transaction Protocol***,*Studies in Informatics and Control, vol. 19(1), 2010, pp. 27-34. - POPESCU C.,
**Blind Signature Schemes Based on the Elliptic Curve Discrete Logarithm Problem**, Studies in Informatics and Control, vol. 19(4), 2010, pp. 397-402. - RIVEST, R. L., A. SHAMIR, L. ADELMAN,
**A Method for Obtain Digital Signatures and Public-Key Cryptosystem**, Communication on ACM , vol. 21(2), 1978, pp. 120-126. - SCHNORR, C. P.,
**Efficient Signature Generation by Smart Cards**, Journal of Cryptology, vol. 3(3), 1991, pp. 161-174. - SHAO, Z.,
**Proxy Signature Schemes Based on Factoring**, Information Processing Letters, vol. 85, 2003, pp. 137-143. - SHAO, Z.,
**A Provably Secure Short Signature Scheme Based on Discrete Logarithms**, Information Sciences, vol. 177, 2007, pp. 5432-5440. - SHAO, Z.,
**Provably Secure Proxy-protected Signature Schemes Based on RSA**, Computers & Electrical Engineering, vol. 35, 2009, pp. 497-505. - TRIPATHY, A. C., I. PATRA, D. JENA,
**Proxy Blind Signature based on ECDLP**, International Journal of Computer and Network Security, vol. 2(6), 2010. - WANG, G.,
**Designated-verifier Proxy Signatures for e-Commerce**, Proc. IEEE 2004 International Conference on Multimedia and Expo (ICME 2004), 2004, pp. 1731-1734. - WANG. G., F. BAO, J. ZHOU, R. H. DENG,
**Security Analysis of Some Proxy Signatures**, Proceedings of Information Security and Cryptology, (ICISC’03), 2004, pp. 305-319. - WANG, Q., Z. F. CAO,
**An Identity-based Strong Designated Verifier Proxy Signature Scheme**, Wuhan University Journal of Natural Sciences, vol. 11(6), 2006, pp. 1633-1635. - XUE, Q., Z. CAO,
**Factoring Based Proxy Signature Schemes**, Journal of Computational and Applied Mathematics, vol. 195, 2006, pp. 229-241. - ZHANG, J., J. MAO,
**A Novel ID-based Strong Designated Verifier Signature Scheme**, Information Science, vol. 178, 2008, pp. 733-766. - ZHOU, Y., Z. CAO, R. LU,
**Provably Secure Proxy-protected Signature Schemes Based on Factoring**, Applied Mathematics and Computation, vol. 164(1), 2005, pp. 83-98.