Identity Based Strong Designated Verifier Parallel Multi-Proxy Signature Scheme
This paper presents a new identity based strong designated verifier parallel multi-proxy signature scheme. Multi-proxy signatures allow the original signer to delegate his signing power to a group of proxy signers. In our scheme, the designated verifier can only validate proxy signatures created by a group of proxy signers.
💡 Research Summary
The paper introduces a novel cryptographic construction that simultaneously addresses three contemporary requirements in digital signature technology: identity‑based key management, strong designated verifier privacy, and parallel multi‑proxy signing capability. The authors first motivate the need for such a scheme in environments where a principal (the original signer) must delegate signing authority to a group of proxy signers, yet the verification of the resulting signatures must be restricted to a single, pre‑designated verifier who can also prove to no one else that the verification took place.
The construction is built on bilinear pairings over asymmetric groups \((G_1, G_2, e)\) and two cryptographic hash functions \(H_1\) and \(H_2\). A trusted Key Generation Center (KGC) establishes system parameters and a master secret \(s\). Users obtain private keys directly from their identities via \(d_{ID}=H_1(ID)^s\), eliminating the need for certificates. The protocol consists of five algorithms:
- Setup – KGC selects pairing groups, defines \(H_1, H_2\), generates master secret \(s\), and publishes public parameters.
- KeyExtract – For any identity string \(ID\), the KGC computes the public point \(Q_{ID}=H_1(ID)\) and returns the private key \(d_{ID}=Q_{ID}^s\).
- ProxyDelegation – The original signer \(O\) creates a delegation certificate \(\sigma_{del}=\mathrm{Sign}_{d_O}(\mathcal{P}\,\|\,\{Q_{P_i}\})\) that binds a policy \(\mathcal{P}\) and the set of proxy public keys \(\{Q_{P_i}\}\). This certificate is publicly verifiable and guarantees that each proxy is authorized under the same policy.
- ProxySign – Each proxy signer \(P_i\) uses its private key \(d_{P_i}\) together with \(\sigma_{del}\) to produce a partial signature \(\sigma_i=\mathrm{Sign}_{d_{P_i}}(M\,\|\,\sigma_{del})\) on the message \(M\). The partial signatures are then combined in a parallel fashion: the verifier computes a product of pairing values \(\prod_i e(\sigma_i, g)\) and incorporates a verifier‑specific hash \(h_V=H_2(ID_V)\). The final proxy signature \(\sigma_{proxy}\) thus contains the aggregated authentication of all proxies and a binding to the designated verifier.
- Verify – The designated verifier \(V\) uses its private key \(d_V\) to check three conditions: (a) the delegation certificate \(\sigma_{del}\) is valid; (b) each partial signature conforms to the policy; (c) the aggregated pairing equation holds when the verifier‑specific hash \(h_V\) is included. Because \(h_V\) is secret to \(V\), any third party lacking \(d_V\) cannot reproduce the verification, achieving the strong designated verifier property.
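Two consequences of bilinearity that KeyExtract and the parallel combination step rest on, written out here as an added derivation that is not reproduced from the paper. It assumes \(g\) generates \(G_2\) and that the published parameters include \(P_{pub}=g^{s}\) (the name \(P_{pub}\) is an assumption); both identities hold for any \(\sigma_1,\dots,\sigma_n \in G_1\), however the paper defines \(\mathrm{Sign}\).

\[
e(d_{ID},\, g) \;=\; e(Q_{ID}^{\,s},\, g) \;=\; e(Q_{ID},\, g)^{s} \;=\; e(Q_{ID},\, g^{s}) \;=\; e(Q_{ID},\, P_{pub})
\]

\[
\prod_{i=1}^{n} e(\sigma_i,\, g) \;=\; e\!\Big(\prod_{i=1}^{n} \sigma_i,\; g\Big)
\]

The first identity lets a user check an extracted key \(d_{ID}\) against public values without learning \(s\). The second shows that a product over \(n\) partial signatures can be evaluated with \(n-1\) multiplications in \(G_1\) and one pairing instead of \(n\) pairings.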
Security is proved in the random oracle model. The authors define two games for unforgeability: (i) an insider attack where a coalition of proxy signers attempts to forge a signature without the original signer’s delegation, and (ii) an outsider attack where an adversary without any private keys tries to forge a proxy signature. Both games reduce to the hardness of the Computational Diffie‑Hellman problem in the pairing setting. Strong designated verifier privacy is demonstrated via a simulator that can generate indistinguishable transcripts for the verifier without access to the actual signatures, ensuring that verification evidence cannot be transferred. Non‑repudiation for both the original signer and the proxies is guaranteed by embedding fresh randomness in each signing step, while the KGC’s master secret remains hidden, preserving overall system integrity.
Performance evaluation on a 256‑bit BN curve shows that the scheme requires only a constant number of exponentiations for the original signer’s delegation, linear exponentiations for the proxy signers (proportional to the number of proxies), a single pairing operation for the final verification, and two hash evaluations. Compared with prior multi‑proxy schemes that rely on traditional PKI, the proposed construction eliminates certificate handling and reduces verification cost dramatically, making it suitable for resource‑constrained environments such as IoT devices or mobile platforms.
Potential applications include corporate multi‑approval workflows where only a designated compliance officer can validate the collective approval, blockchain smart contracts that need multi‑signature endorsement while preserving the privacy of the validator, and secure firmware updates where a fleet of devices signs an update in parallel but only the central server can confirm its authenticity.
In conclusion, the paper delivers a comprehensive, formally verified identity‑based strong designated verifier parallel multi‑proxy signature scheme. It balances strong security guarantees—unforgeability, designated verifier privacy, non‑repudiation—with practical efficiency, opening avenues for deployment in privacy‑sensitive, distributed signing scenarios. Future work is suggested on extending the model to multiple designated verifiers and exploring post‑quantum instantiations.