ID-based distributed "magic ink" signature from pairings

Abstract

The advantage of ID-based system is the simplification of key distribution and certification management; a user can directly use his identity as his public key instead of an arbitrary number, thus at the same time he can prove his identity rather than providing a certificate from CA. Now a revocable blind signature is becoming more practical; because a complete anonymity can be abused in real world applications. For instance the perfect crime concern in e-cash system. The "magic ink" signature provides a revocable anonymity solution, which means that the signer has some capability to revoke a blind signature to investigate the original user in case of abnormal activity, while keeping the legal user's privacy anonymous. A single signer in "magic ink" signature can easily trace the original user of the message without any limitation; this scheme can't satisfy anonymity for a legal user, so we can use n signers to sign the message through a (n, n) threshold secret sharing to distribute the commitment during the signature procedure, single signer's revocability is limited, only under the agreement and cooperation of a set of n singers, the user's identity can be discovered. In this paper an ID-based (n, n) threshold "magic ink" signature is proposed along with its analysis and application.