Efficient discrete logarithm based multi-signature scheme in the plain public key model
Abstract
In this paper, we provide a new multi-signature scheme that is proven secure in the plain public key model. Our scheme is practical and efficient in terms of computational costs, signature size and security assumptions. First, our scheme matches the single ordinary discrete logarithm based signature scheme in terms of signing time, verification time and signature size. Second, our scheme requires only two rounds of interaction, and each signer needs nothing more than a certified public key to produce the signature, meaning that our scheme is compatible with existing PKIs. Third, our scheme has been proven secure in the random oracle model under the standard discrete logarithm (DL) assumption. It outperforms a newly proposed multi-signature scheme by Bagherzandi, Cheon and Jarecki (BCJ scheme) in terms of both computational costs and signature size.
Keywords
Cryptography, Digital signature, Multi-signature, Provable security, Plain public key model
Mathematics Subject Classifications (2000)
11T71, 94A60
References
- 1. Avanzi R.: On multi-exponentiation in cryptography. Cryptology ePrint Archive: Report 2002/154 (2002).
- 2. Bagherzandi A., Cheon J.H., Jarecki S.: Multisignatures secure under the discrete logarithm assumption and a generalized forking lemma. In: The 15th ACM Conference on Computer and Communication Security (2008).
- 3. Bellare M., Neven G.: Multi-signature in the plain public-key model and a general forking lemma. In: The 13th ACM Conference on Computer and Communication Security (2006).
- 4. Bellare M., Rogaway P.: Random oracles are practical: a paradigm for designing efficient protocols. In: The 1st ACM Conference on Computer and Communications Security (1993).
- 5. Boldyreva A.: Efficient threshold signature, multisignature and blind signature schemes based on the gap-Diffie-Hellman-group signature schemes. In: Public Key Cryptography 2003. Lecture Notes in Computer Science, vol. 1567 (2003).
- 6. Boneh D., Lynn B., Shacham H.: Short signatures from the Weil pairing. In: Advances in Cryptology-ASIACRYPT 2001. Lecture Notes in Computer Science, vol. 2248 (2001).
- 7. Feige U., Shamir A.: Witness indistinguishable and witness hiding protocols. In: The 22nd Annual ACM Symposium on Theory of Computing (1990).
- 8. Fiat A., Shamir A.: How to prove yourself: practical solutions to identification and signature problems. In: Advances in Cryptology-CRYPTO 1986. Lecture Notes in Computer Science, vol. 263 (1986).
- 9. Goldwasser S., Micali S., Rivest R.: A digital signature scheme secure against adaptive chosen message attacks. SIAM J. Comput. 17(2), 281–308 (1988).
- 10. Harn L.: Group-oriented (t, n) threshold digital signature scheme and digital multisignature. IEE Proc. Comput. Digit. Tech. 141(5), 307–313 (1994).
- 11. Housley R., Ford M., Polk W., Solo D.: Internet X.509 Public Key Infrastructure: certificate and CRL profile, http://www.ietf.org/rfc/rfc2459.txt. Accessed January 1999.
- 12. Horster P., Michels M., Petersen H.: Meta-multisignatures schemes based on the discrete logarithm problem. In: IFIP/SEC, Chapman & Hall (1995).
- 13. Itakura K., Nakamura K.: A public-key cryptosystem suitable for digital multisignatures. NEC Res. Dev. 71, 1–8 (1983).
- 14. Katz J., Wang N.: Efficiency improvements for signature schemes with tight security reductions. In: The 10th ACM Conference on Computer and Communications Security (2003).
- 15. Langford S.K.: Weakness in some threshold cryptosystems. In: Advances in Cryptology-CRYPTO 1996. Lecture Notes in Computer Science, vol. 1109 (1996).
- 16. Li C.-M., Hwang T., Lee N.-Y.: Threshold-multisignature schemes where suspected forgery implies traceability of adversarial shareholders. In: Advances in Cryptology-EUROCRYPT 1994. Lecture Notes in Computer Science, vol. 950 (1994).
- 17. Lu S., Ostrovsky R., Sahai A., Shacham H., Waters B.: Sequential aggregate signatures and multisignatures without random oracles. In: Advances in Cryptology-EUROCRYPT 2006. Lecture Notes in Computer Science, vol. 4004 (2006).
- 18. Micali S., Ohta K., Reyzin L.: Accountable-subgroup multisignatures. In: The 8th ACM Conference on Computer and Communications Security (2001).
- 19. Michels M., Horster P.: On the risk of disruption in several multiparty signature schemes. In: Advances in Cryptology-ASIACRYPT 1996. Lecture Notes in Computer Science, vol. 1163 (1996).
- 20. Moller B.: Algorithms for multi-exponentiation. In: Selected Areas in Cryptography - SAC 2001. Lecture Notes in Computer Science, vol. 2259 (2001).
- 21. Ohta K., Okamoto T.: A digital multisignature scheme based on the Fiat-Shamir scheme. In: Advances in Cryptology-ASIACRYPT 1991. Lecture Notes in Computer Science, vol. 739 (1991).
- 22. Ohta K., Okamoto T.: Multi-signature schemes secure against active insider attacks. IEICE Trans. Fundam. Electr. Commun. Comput. Sci. E82-A(1), 21–31 (1999).
- 23. Okamoto T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Advances in Cryptology-CRYPTO 1992. Lecture Notes in Computer Science, vol. 740 (1992).
- 24. Ong H., Schnorr C.-P.: Fast signature generation with a Fiat Shamir-like scheme. In: Advances in Cryptology-EUROCRYPT 1990. Lecture Notes in Computer Science, vol. 473 (1990).
- 25. Pointcheval D., Stern J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361–396 (2000).
- 26. Ristenpart T., Yilek S.: The power of proofs of possession: Securing multiparty signatures against rogue-key attacks. In: Advances in Cryptology-EUROCRYPT 2007. Lecture Notes in Computer Science, vol. 4515 (2007).
- 27. Schaad J.: Internet X.509 Public Key Infrastructure Certificate Request Message Format. Internet Engineering Task Force RFC 4211 (2005).
- 28. Schnorr C.-P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991).