Wu et al. defined three security notions for server aided verification (SAV) protocols to prevent a server from convincing a verifier that an invalid signature is valid. Security against strong collusion attacks provides the strongest security guarantee among these notions. They constructed SAV protocols to meet these notions respectively. But they did not provide concrete running time to show that the running time of a verifier in their SAV protocol is strictly less than that of a verifier in the original verification protocol. In addition, a problem left open by their work is to design a SAV protocol which is unforgeable without random oracles as well as sound against strong collusion attacks. To address the above issues, we first design a SAV-Hofheinz protocol for a short signature proposed by Hofheinz, which is unforgeable in the standard model. Then we implement SAV-Hofheinz by the PBC library and show that the running time of a verifier in SAV-Hofheinz is strictly less than that of a verifier in the original verification protocol.

• 出版日期2012