Designs, Codes and Cryptography, Volume 86, Issue 10, pp 2197–2246

Homomorphic signatures with sublinear public keys via asymmetric programmable hash functions

  • Dario Catalano
  • Dario Fiore
  • Luca Nizzardo

Abstract

We introduce the notion of asymmetric programmable hash functions (APHFs, for short), which adapts programmable hash functions, introduced by Hofheinz and Kiltz (CRYPTO 2008), with two main differences. First, an APHF works over bilinear groups, and it is asymmetric in the sense that, while only secretly computable, it admits an isomorphic copy which is publicly computable. Second, in addition to the usual programmability, APHFs may have an alternative property that we call programmable pseudorandomness. In a nutshell, this property states that it is possible to embed a pseudorandom value as part of the function's output, akin to a random oracle. In spite of the apparent limitation of being only secretly computable, APHFs turn out to be surprisingly powerful objects. We show that they can be used to generically implement both regular and linearly-homomorphic signature schemes in a simple and elegant way. More importantly, when instantiating these generic constructions with our concrete realizations of APHFs, we obtain: (1) the first linearly-homomorphic signature (in the standard model) whose public key is sublinear in both the dataset size and the dimension of the signed vectors; (2) short signatures (in the standard model) whose public key is shorter than those of Hofheinz, Jager and Kiltz (ASIACRYPT 2011) and essentially the same size as those of Yamada et al. (CT-RSA 2012).

Keywords

Public-key cryptography; Programmable hash functions; Digital signatures; Homomorphic signatures

Mathematics Subject Classification

94A60 

Notes

Acknowledgements

The research of Dario Fiore and Luca Nizzardo is partially supported by the Spanish Ministry of Economy under Project References TIN2015-70713-R (DEDETIS), RTC-2016-4930-7 (DataMantium), and by the Madrid Regional Government under Project N-Greens (Ref. S2013/ICE-2731). Dario Fiore is also supported by a Juan de la Cierva fellowship from the Spanish Ministry of Economy.

References

  1. Abe M., Groth J., Ohkubo M., Tibouchi M.: Structure-preserving signatures from type II pairings. In: Garay J.A., Gennaro R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 390–407. Springer (2014).
  2. Ahn J.H., Boneh D., Camenisch J., Hohenberger S., Shelat A., Waters B.: Computing on authenticated data. In: Cramer R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 1–20. Springer (2012).
  3. Attrapadung N., Libert B.: Homomorphic network coding signatures in the standard model. In: Catalano D., Fazio N., Gennaro R., Nicolosi A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 17–34. Springer (2011).
  4. Attrapadung N., Libert B., Peters T.: Computing on authenticated data: new privacy definitions and constructions. In: Wang X., Sako K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 367–385. Springer (2012).
  5. Attrapadung N., Libert B., Peters T.: Efficient completely context-hiding quotable and linearly homomorphic signatures. In: Kurosawa K., Hanaoka G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 386–404. Springer (2013).
  6. Backes M., Fiore D., Reischuk R.M.: Verifiable delegation of computation on outsourced data. In: Sadeghi A.-R., Gligor V.D., Yung M. (eds.) ACM CCS 13, pp. 863–874. ACM Press (2013).
  7. Barthe G., Fagerholm E., Fiore D., Mitchell J.C., Scedrov A., Schmidt B.: Automated analysis of cryptographic assumptions in generic group models. In: Garay J.A., Gennaro R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 95–112. Springer (2014).
  8. Boneh D., Franklin M.K.: Identity-based encryption from the Weil pairing. In: Kilian J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer (2001).
  9. Boneh D., Boyen X.: Efficient selective-ID secure identity based encryption without random oracles. In: Cachin C., Camenisch J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer (2004).
  10. Boneh D., Boyen X.: Short signatures without random oracles. In: Cachin C., Camenisch J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer (2004).
  11. Boneh D., Freeman D.M.: Homomorphic signatures for polynomial functions. In: Paterson K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 149–168. Springer (2011).
  12. Boneh D., Freeman D.M.: Linearly homomorphic signatures over binary fields and new tools for lattice-based signatures. In: Catalano D., Fazio N., Gennaro R., Nicolosi A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 1–16. Springer (2011).
  13. Boneh D., Boyen X., Goh E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer (2005).
  14. Boneh D., Freeman D., Katz J., Waters B.: Signing a linear subspace: signature schemes for network coding. In: Jarecki S., Tsudik G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 68–87. Springer (2009).
  15. Boyen X., Fan X., Shi E.: Adaptively secure fully homomorphic signatures based on lattices. Cryptology ePrint Archive, Report 2014/916. http://eprint.iacr.org/2014/916 (2014).
  16. Catalano D., Fiore D., Warinschi B.: Adaptive pseudo-free groups and applications. In: Paterson K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 207–223. Springer (2011).
  17. Catalano D., Fiore D., Warinschi B.: Efficient network coding signatures in the standard model. In: Fischlin M., Buchmann J., Manulis M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 680–696. Springer (2012).
  18. Catalano D., Fiore D., Gennaro R., Vamvourellis K.: Algebraic (trapdoor) one-way functions and their applications. In: Sahai A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 680–699. Springer (2013).
  19. Catalano D., Fiore D., Nizzardo L.: Programmable hash functions go private: constructions and applications to (homomorphic) signatures with shorter public keys. In: CRYPTO 2015. Springer (2015).
  20. Catalano D., Fiore D., Warinschi B.: Homomorphic signatures with efficient verification for polynomial functions. In: Garay J.A., Gennaro R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 371–389. Springer (2014).
  21. Erdős P., Frankl P., Füredi Z.: Families of finite sets in which no set is covered by the union of r others. Isr. J. Math. 51, 79–89 (1985).
  22. Freeman D.M.: Improved security for linearly homomorphic signatures: a generic framework. In: Fischlin M., Buchmann J., Manulis M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 697–714. Springer (2012).
  23. Freire E.S.V., Hofheinz D., Paterson K.G., Striecks C.: Programmable hash functions in the multilinear setting. In: Canetti R., Garay J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 513–530. Springer (2013).
  24. Gennaro R., Katz J., Krawczyk H., Rabin T.: Secure network coding over the integers. In: Nguyen P.Q., Pointcheval D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 142–160. Springer (2010).
  25. Gennaro R., Wichs D.: Fully homomorphic message authenticators. In: Sako K., Sarkar P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 301–320. Springer (2013).
  26. Gorbunov S., Vaikuntanathan V., Wichs D.: Leveled fully homomorphic signatures from standard lattices. In: 47th ACM STOC. ACM Press (2015).
  27. Green M., Hohenberger S.: Practical adaptive oblivious transfer from simple assumptions. In: Ishai Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 347–363. Springer (2011).
  28. Hanaoka G., Matsuda T., Schuldt J.C.N.: On the impossibility of constructing efficient key encapsulation and programmable hash functions in prime order groups. In: Safavi-Naini R., Canetti R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 812–831. Springer (2012).
  29. Haralambiev K., Jager T., Kiltz E., Shoup V.: Simple and efficient public-key encryption from computational Diffie-Hellman in the standard model. In: Nguyen P.Q., Pointcheval D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 1–18. Springer (2010).
  30. Hofheinz D., Kiltz E.: Programmable hash functions and their applications. In: Wagner D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 21–38. Springer (2008).
  31. Hofheinz D., Kiltz E.: Programmable hash functions and their applications. J. Cryptol. 25(3), 484–527 (2012).
  32. Hofheinz D., Jager T., Kiltz E.: Short signatures from weaker assumptions. In: Lee D.H., Wang X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 647–666. Springer (2011).
  33. Johnson R., Molnar D., Song D.X., Wagner D.: Homomorphic signature schemes. In: Preneel B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer (2002).
  34. Kumar R., Rajagopalan S., Sahai A.: Coding constructions for blacklisting problems without computational assumptions. In: Wiener M.J. (ed.) CRYPTO '99. LNCS, vol. 1666, pp. 609–623. Springer (1999).
  35. Libert B., Peters T., Joye M., Yung M.: Linearly homomorphic structure-preserving signatures and their applications. In: Canetti R., Garay J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 289–307. Springer (2013).
  36. Mitsunari S., Sakai R., Kasahara M.: A new traitor tracing. IEICE Trans. E85-A(2), 481–484 (2002).
  37. Schwartz J.T.: Fast probabilistic algorithms for verification of polynomial identities. J. ACM 27, 701–717 (1980).
  38. Waters B.R.: Efficient identity-based encryption without random oracles. In: Cramer R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer (2005).
  39. Yamada S., Hanaoka G., Kunihiro N.: Two-dimensional representation of cover free families and its applications: short signatures and more. In: Dunkelman O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 260–277. Springer (2012).
  40. Zippel R.: Probabilistic algorithms for sparse polynomials. In: Ng E.W. (ed.) EUROSAM '79. LNCS, vol. 72, pp. 216–226. Springer (1979).
  41. Zhang J., Chen Y., Zhang Z.: Programmable hash functions from lattices: short signatures and IBEs with small key sizes. In: Robshaw M., Katz J. (eds.) CRYPTO 2016. LNCS, vol. 9816. Springer (2016).

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2017

Authors and Affiliations

  1. Dipartimento di Matematica e Informatica, Università di Catania, Catania, Italy
  2. IMDEA Software Institute, Madrid, Spain
  3. IMDEA Software Institute and Universidad Politécnica de Madrid, Madrid, Spain