Abstract: In order to solve the problem of proxy revocation, a novel efficient proxy signature scheme with revocable proxy right is proposed. By maintaining an authorized list and a trusted list in Lightweight Directory Access Protocol(LDAP) server and setting write access only to original signer, the novel scheme does not rely on the on-line trusted third part. Analysis shows that the new proposal fulfills all the security requirements of proxy signatures such as strong unforgeability, verifiability, strong undeniability, strong identifiability, distingulshability, prevention of misuse. Compared with the existing solutions, this scheme has less computation and fewer interactions in signature issuing and verification phase.

Key words: digital signature, proxy signature, proxy authorization, proxy revocation, strong unforgeability

摘要： 针对代理授权撤销问题，提出一个新型可撤销代理权的代理签名方案。通过在轻量级目录访问协议服务器上维护一张授权列表和一张可信列表，并设置只有原始签名人拥有写权限，使签名过程无需一个实时在线的可信第三方。分析结果表明，该方案具有强不可伪造性、可验证性、强不可否认性、可区分性、强可识别性及防止滥用，与同类方案相比，签名和验证的计算量更小、交互次数更少。

关键词: 数字签名, 代理签名, 代理授权, 代理撤销, 强不可伪造性

CLC Number: 

• TP309