Abstract: To resolve the problem of low efficiency of the existing signature schemes in the standard model, an on-line/off-line signature scheme is proposed by using chameleon hash function and target collision-resistant hash function. Most of the computations are performed in the off-line phase before seeing the message to be signed. The results of this pre-computation are saved and then used in the on-line phase when the message must be signed. Moreover, the proposed signature scheme is provably secure against strong forgery under adaptive chosen message attacks. Compared with the existing signature schemes in the standard model, the new scheme is more efficient in the computational cost. It needs one modular subtraction computation and one modular multiplication computation in the on-line re-signing generation algorithm. The proposed scheme is suitable for low-power devices when computing power is weak.

Key words: on-line/off-line signature, strong unforgeability, chameleon hash function, target collision-resistant hash function

摘要： 针对标准模型下签名方案效率低的问题，利用目标抗碰撞杂凑函数和变色龙哈希函数，提出了一种在线/离线签名方案。在签名消息到来之前，离线阶段进行重签名的大部分计算，并将这些运算结果保存起来；在签名消息到来时，利用离线阶段保存的数据能在很短的时间内生成消息的在线重签名。在标准模型下，证明了新方案在适应性选择消息攻击下满足强不可伪造性。分析结果表明，新方案在效率上优于已有的标准模型下签名方案，在线签名算法仅需要1次模减法运算和1次模乘法运算，适合于计算能力较弱的低端计算设备。

关键词: 在线/离线签名, 强不可伪造性, 变色龙哈希函数, 目标抗碰撞杂凑函数