International Association
for Cryptologic Research

The blind signature scheme permits the user to acquire a signature

from the signer; however, the message and the final signature are

unknown to the signer. In a partially blind signature (PBS) scheme,

the signer can explicitly incorporate a common information in the

signature based on some agreement with the user and without

violating the blindness property. Many PBS schemes have been

proposed recently either by using certificate authority-based public

infrastructure (CA-PKI) or pairing along with map-to-point function.

The CA-PKI-based PBS scheme needs huge computation and storage to

keep public keys and certificates. On the other hand, pairing and

map-to-point function are costly operations. Thus, the ID-PBS scheme

without pairing is more appropriate for real environments, and an

efficient pairing-free ID-PBS scheme is proposed in this paper. In

the random oracle model, our scheme is analyzed to be provably

secure. The proposed scheme is used to design an online e-cash

system, in which a bank agrees on a common piece of information with

a customer and can blindly sign some messages. It may be noted that

our e-cash system has the properties of unforgeability,

unlinkability, and non-deniability and can prevent the

double-spending of e-cash.