A digital signature provides the authenticity of a signed message with respect to a public key and a certificate provides the authorization of a signer for a public key. Digital signature and certificate are generated independently by different parties, but they are verified by the same verifier who wants to verify the signature. In the point of a verifier, verifying two independent digital signatures (a digital signature and the corresponding certificate) is a burden. In this paper we propose a new digital signature scheme called self-certified signature. In this scheme a signer computes a temporary signing key with his long-term signing key and its certification information together, and generates a signature on a message and certification information using the temporary signing key in a highly combined and unforgeable manner. Then, a verifier verifies both signer's signature on the message and related certification information together. This approach is very advantageous in efficiency. We extend the proposed self-certified signature scheme to multi-certification signature in which multiple certification information are verified. We apply it to public key infrastructure (PKI) and privilege management infrastructure (PMI) environments.
Digital signature; Public key; Message passing; Authentication; Certification