Abstract

Aggregate signature algorithms combine n signatures on n different messages from n distinct users into one aggregated signature. The aggregated signature allows the verifier to authenticate the n signatures simultaneously. Because the total signature length and authentication costs are significantly reduced, aggregate signature algorithms are attractive to applications with resource constraints and applications requiring efficient batch authentications. In this paper, we propose a novel aggregate signature scheme based on certificateless-PKC. Under this novel scheme, the length of the aggregated signature and the pairing computation cost in the aggregate signature verification process are independent of the number of signatures being aggregated. We also prove that the proposed scheme is existentially unforgeable against adaptive chosen-message and chosen-identity attacks, based on the hardness assumption of the computational Diffie-Hellman problem. The new scheme will be suitable for resource-constrained applications. Copyright © 2016 John Wiley & Sons, Ltd.