In this work, we present and establish a new primitive called Multi-level Controlled Signature. This primitive allows a signer to specify a security level to limit the verifiability of the signature. This primitive works as follows. Without losing generality, we assume the security levels of a group of users are defined in ascending order, where “A” represents the lowest security level and “Z” represents the highest security level, respectively. When a signer signs a message by specifying a security level “C”, all users who have a security level greater than “C” will be able to verify while other users whose security levels are “A”, “B” or “C” cannot verify the authenticity of this message. This primitive resembles some similarities with other existing primitives, such as Hierarchical Identitybased Encryption/Signatures, policy-based cryptography, but we stress that this primitive is unique in the sense that other primitives cannot satisfy all requirements as stated above efficiently. In this paper, we develop a security model for such a primitive. We present two concrete constructions that are proven secure in our model. The first scheme has a constant signature size, while the second scheme is more efficient in terms of verifier’s private information. We provide a comparison between our schemes and illustrate where each scheme is applicable in the real world scenario.
Available at: http://works.bepress.com/wsusilo/259/