Verifiable Signature Sharing Scheme Based on Strong RSA Assumption

In 2000, Cramer and Shoup presented a signature scheme which is secure against adaptivechosen-message attacks under the strong RSA assumption in the standard model. Then, in 2003, underthe strong RSA assumption only, Fischlin produced a signature of roughly half the length. A verifiablesignature sharing scheme (V§S) introduced by Franklin and Reiter in 1995 enables the recipient of asignature to share it among n proxies so that a subset of them can reconstruct it later. In this paper, we first give a modification of Fischlin’s scheme under the strong RSA assumption and then get a newverifiable signature sharing scheme based on it in the standard model. At last, we prove that our newV§S can tolerate the malicious behavior of up to half of the proxies corrupted by a static adversaryexcept for a negligible probability. Our scheme is efficient and the length of signature in our scheme issimilar to Fischlin’s and roughly half of Cramer-Shoup signature scheme