Inventing new cryptosystems is dangerous. Why not an OpenPGP armored
detached signature?

{"hello":"world","signature":"-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQBJto4vlKln0Ovw7PARAlipAJ4tFqpJRikySLnynzbe6XxzIQ2PnACgipzl\n7qRjToRgvNXLdSEQ1V+aJEQ=\n=ykd/\n-----END PGP SIGNATURE-----\n"}

Or else a binary detached signature, base64-encoded.