Journal of Cryptology

, Volume 26, Issue 2, pp 340–373

Sequential Aggregate Signatures, Multisignatures, and Verifiably Encrypted Signatures Without Random Oracles


  • Steve Lu
  • Rafail Ostrovsky
  • Amit Sahai
  • Brent Waters

DOI: 10.1007/s00145-012-9126-5

Cite this article as:
Lu, S., Ostrovsky, R., Sahai, A. et al. J Cryptol (2013) 26: 340. doi:10.1007/s00145-012-9126-5


We present the first aggregate signature, the first multisignature, and the first verifiably encrypted signature provably secure without random oracles. Our constructions derive from a novel application of a recent signature scheme due to Waters. Signatures in our aggregate signature scheme are sequentially constructed, but knowledge of the order in which messages were signed is not necessary for verification. The aggregate signatures obtained are shorter than Lysyanskaya et al.’s sequential aggregates and can be verified more efficiently than Boneh et al.’s aggregates. We also consider applications to secure routing and proxy signatures.

Key words

Waters signatureBilinear mapSecure BGP

Copyright information

© International Association for Cryptologic Research 2012