Proxy signature with revocation
Proxy signature is a useful cryptographic primitive that allows signing right delegation. In a proxy signature scheme, an original signer can delegate his/her signing right to a proxy signer (or a group of proxy signers) who can then sign documents on behalf of the original signer. In this paper, we investigate the problem of proxy signature with revocation. The revocation of delegated signing right is necessary for a proxy signature scheme when the proxy signer's key is compromised and/or any misuse of the delegated right is noticed. Although a proxy signature scheme usually specifies a delegation time period, it may happen that the original signer wants to terminate the delegation before it is expired. In order to solve this problem, in this paper we propose a new proxy signature scheme with revocation. Our scheme utilises and combines the techniques in the Naor-Naor-Lotspiech (NNL) framework for broadcast encryption, the Boneh-Boyen-Goh (BBG) hierarchical identity-based encryption and the Boneh-Lynn-Shacham (BLS) short signature scheme and thereby constructing an efficient tree-based revocation mechanism. The unrevoked proxy signer only needs to generate evidences for proving that he/she is a valid proxy signer once in per revocation epoch, and the verifier does not need a revocation list in order to verify the validity of a proxy signature.