Server-aided signature verification for lightweight devices

Server-aided verification (SAV) has potential applicability in lightweight devices for improving signature verification, where the verifier possesses a computationally weak hardware. We observe that lightweight devices run all algorithms through hardware implementation with logic circuits. Existing SAV protocols indeed improve computational efficiency for lightweight devices, however, few of them take the hardware cost into consideration. The hardware implementation of SAV protocols could be still costly and expensive for lightweight devices. Currently, the most secure SAV protocols in the literature for pairing-based (G₁ × G₂ → G_T) signatures can securely delegate pairing computations to the server; however, verifiers are still required to perform group operations over two completely different groups G₁ and G_T, which heavily contribute to the cost of hardware implementation. In this work, we propose several collusion-resistant SAV protocols for pairing-based signatures to improve their applicability for lightweight devices. In our SAV protocols, verifiers are only required to perform group operations in G₁. In comparison with existing SAV protocols, our protocols save the unnecessary hardware cost for implementing group operations in G_T and therefore are more applicable to lightweight applications.