Inventing new cryptosystems is dangerous. Why not an OpenPGP armored detached signature?
{"hello":"world","signature":"-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG
v1.4.6
(GNU/Linux)\n\niD8DBQBJto4vlKln0Ovw7PARAlipAJ4tFqpJRikySLnynzbe6XxzIQ2PnACgipzl\n7qRjToRgvNXLdSEQ1V+aJEQ=\n=ykd/\n-----END
PGP SIGNATURE-----\n"}
Or else a binary detached signature, base64-encoded.
