Certificate-based fair exchange protocol of signatures from pairings

In 2003, Boneh et al. proposed the first non-interactive verifiably encrypted signature scheme that can be used to construct optimistic fair exchange protocols of signatures. However, their scheme depends on an entirely honest adjudicator, neither forging signatures nor colluding with one party. To eliminate this unrealistic premise, we propose a new paradigm for building fair exchange protocols of signatures from pairings by choosing a certificate authority CA as an adjudicator. In this paradigm, a certificate, or generally, a signature plays threefold role, firstly acts as the binding of the public key and its holder, secondly acts as a decryption key, and thirdly acts as CA’s guarantee against partiality in adjudication. The proposed protocol not only overcomes the classical authentication problem of public keys, but also relaxes excessive reliance on the trustworthiness of the adjudicator so that the adjudicator only needs to be trusted by the signer.