Over the last few years, identity-based cryptosystem (IBC) has attracted widespread attention because it avoids the high overheads associated with public key certificate management. However, an unsolved but critical issue about IBC is how to revoke a misbehaving user. There are some revocable identity-based encryption schemes that have been proposed recently, but little work on the revocation problem of identity-based signature has been undertaken so far. One approach for revocation in identity-based settings is to update users' private keys periodically, which is usually done by the key generation center (KGC). But with this approach, the load on the KGC will increase quickly when the number of users increases. In this paper, we propose an efficient revocable identity-based signature (RIBS) scheme in which the revocation functionality is outsourced to a cloud revocation server (CRS). In our proposed approach, most of the computations needed during key-updates are offloaded to the CRS. We describe the new framework and the security model for the RIBS scheme with CRS and we prove that the proposed scheme is existentially unforgeable against adaptively chosen messages and identity attacks in the random oracle model. Furthermore, we monstrate that our scheme outperforms previous IBS schemes in terms of lower computation and communication costs.

Document Type


Publication Date


Notes/Citation Information

Published in IEEE Access, v. 5, p. 2945 - 2954.

© 2017 IEEE

The copyright holder has granted the permission for posting the article here.

Digital Object Identifier (DOI)


Funding Information

This work was supported in part by the National Natural Science Foundation of China under Grant 61402339, Grant 61572379,Grant 61501333, and Grant 61603419 and in part by the Fundamental Research Funds for the Central Universities under Grant CZY15018.