Tight security for the generic construction of identity-based signature (in the multi-instance setting)

Abstract An identity-based signature (IBS) scheme can be generically constructed from any ordinary signature scheme by appending a chain of signatures. Until now, it has been known that a generic construction cannot lead to a tightly secure IBS scheme, although any tightly secure signature scheme can be used as a building block. In this study, we demonstrate that the generic construction of IBS can achieve tightness if the underlying signature scheme is tightly secure in the multi-user setting with corruption. In addition, we extend the tightness result of IBS to the multi-instance setting, where an adversary can corrupt multiple key generation centers and obtain multiple related master secret keys. As instantiations, we adopt the efficient and tightly secure signature scheme in the multi-user setting with corruption, recently proposed by Gjosteen and Jager (CRYPTO 2018). As a result, we can obtain the first efficient and tightly secure IBS schemes (in the multi-instance setting) based on the Diffie–Hellman assumptions in the random oracle model.