Recently, Tseng et al. proposed a new notion for identity-based signature (IBS) scheme to resist ephemeral secret leakage (ESL) attacks, called leakage-free identity-based signature (leakage-free IBS), and devised the first secure leakage-free IBS scheme. However, they only considered the situation of the leakage of ephemeral secrets used for generating the signatures. Notice that the private key extraction procedure is probabilistic as well in their scheme, that is, there are ephemeral secrets used by the key generation center to generate the signers' private keys. It is practical to consider that if the adversary comprises these ephemeral secrets, then he can reveal the master key of the system. Therefore, it is desired to introduce a new security notion for the leakage-free IBS schemes to consider the ESL attacks on both private key extraction and signing procedures. In this paper, we present such security notion. Moreover, we propose two IBS schemes that are proved to be secure under the new security notion.
- ESL attack
- identity-based signature