Abstract: Certificate-based cryptosystem can not only reduce the high cost of public key management, but also solve the key escrow problem. Multi-proxy signature allows an original signer to delegate his signing rights to a proxy group, and only the cooperation of all signers in the proxy group can generate a valid proxy signature. This paper presents a new formal definition and a new security model of certificate-based multi-proxy signature, and proposes a concrete scheme without using bilinear pairings. Based on the discrete logarithm assumption, this paper proves the scheme to be unforgeable in the random oracle model. The efficiency analysis shows that the scheme has higher efficiency. At last, this paper gives the application examples.

Key words: certificate-based cryptosystem, multi-proxy signature, bilinear pairings, public key replacement attacks, random oracle model

摘要： 基于证书的密码体制既能降低公钥管理的高昂费用，又能解决密钥托管问题。多代理签名允许一个原始签名者把他的签名权委托给一群代理签名人，并且只有所有代理签名人合作才能产生有效的代理签名。给出了基于证书的多代理签名的形式化定义和安全模型，并提出了一个不使用双线性对的基于证书的多代理签名方案。在随机预言机模型中，基于离散对数问题假设，对方案进行了不可伪造性的证明。效率分析表明，该方案是高效的。最后，给出了该方案的应用实例。

关键词: 基于证书的密码体制, 多代理签名, 双线性对, 公钥替换攻击, 随机预言机模型