Advertisement

Matrioska: A Compiler for Multi-key Homomorphic Signatures

  • Dario Fiore
  • Elena PagninEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11035)

Abstract

Multi-Key Homomorphic Signatures (MK-HS) enable clients in a system to sign and upload messages to an untrusted server. At any later point in time, the server can perform a computation \(C\) on data provided by \(t\) different clients, and return the output \(\mathsf {y}\) and a short signature \(\sigma _{C, \mathsf {y}}\) vouching for the correctness of \(\mathsf {y}\) as the output of the function \(C\) on the signed data. Interestingly, MK-HS enable verifiers to check the validity of the signature using solely the public keys of the signers whose messages were used in the computation. Moreover, the signatures \(\sigma _{C, \mathsf {y}}\) are succinct, namely their size depends at most linearly in the number of clients, and only logarithmically in the total number of inputs of \(C\). Existing MK-HS are constructed based either on standard assumptions over lattices (Fiore et al. ASIACRYPT’16), or on non-falsifiable assumptions (SNARKs) (Lai et al., ePrint’16). In this paper, we investigate connections between single-key and multi-key homomorphic signatures. We propose a generic compiler, called Matrioska, which turns any (sufficiently expressive) single-key homomorphic signature scheme into a multi-key scheme. Matrioska establishes a formal connection between these two primitives and is the first alternative to the only known construction under standard falsifiable assumptions. Our result relies on a novel technique that exploits the homomorphic property of a single-key HS scheme to compress an arbitrary number of signatures from t different users into only t signatures.

Notes

Acknowledgements

This work was partially supported by the COST Action IC1306 through a STSM grant to Elena Pagnin. Dario Fiore was partially supported by the Spanish Ministry of Economy under project references TIN2015-70713-R (DEDETIS), RTC-2016-4930-7 (DataMantium), and by the Madrid Regional Government under project N-Greens (ref. S2013/ICE-2731).

References

  1. 1.
    Attrapadung, N., Libert, B.: Homomorphic network coding signatures in the standard model. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 17–34. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19379-8_2CrossRefGoogle Scholar
  2. 2.
    Attrapadung, N., Libert, B., Peters, T.: Computing on authenticated data: new privacy definitions and constructions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 367–385. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-34961-4_23CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Hoang, V.T., Rogaway, P.: Foundations of garbled circuits. In: Yu, T., Danezis, G., Gligor, V.D. (eds.) ACM CCS 2012, pp. 784–796. ACM Press (2012)Google Scholar
  4. 4.
    Boneh, D., Freeman, D., Katz, J., Waters, B.: Signing a linear subspace: signature schemes for network coding. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 68–87. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00468-1_5CrossRefGoogle Scholar
  5. 5.
    Boneh, D., Freeman, D.M.: Homomorphic signatures for polynomial functions. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 149–168. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-20465-4_10CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Freeman, D.M.: Linearly homomorphic signatures over binary fields and new tools for lattice-based signatures. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 1–16. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19379-8_1CrossRefGoogle Scholar
  7. 7.
    Catalano, D., Fiore, D.: Practical homomorphic message authenticators for arithmetic circuits. J. Cryptol. 31(1), 23–59 (2018)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Catalano, D., Fiore, D., Gennaro, R., Vamvourellis, K.: Algebraic (trapdoor) one-way functions and their applications. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 680–699. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-36594-2_38CrossRefGoogle Scholar
  9. 9.
    Catalano, D., Fiore, D., Gennaro, R., Vamvourellis, K.: Algebraic (trapdoor) one-way functions: constructions and applications. Theor. Comput. Sci. 592, 143–165 (2015)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Catalano, D., Fiore, D., Nizzardo, L.: On the security notions for homomorphic signatures. In: Preneel, B., Vercauteren, F. (eds.) ACNS 2018. LNCS, vol. 10892, pp. 183–201. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-93387-0_10CrossRefGoogle Scholar
  11. 11.
    Catalano, D., Fiore, D., Nizzardo, L.: Programmable hash functions go private: constructions and applications to (homomorphic) signatures with shorter public keys. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 254–274. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48000-7_13CrossRefGoogle Scholar
  12. 12.
    Catalano, D., Fiore, D., Warinschi, B.: Adaptive pseudo-free groups and applications. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 207–223. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-20465-4_13CrossRefGoogle Scholar
  13. 13.
    Catalano, D., Fiore, D., Warinschi, B.: Efficient network coding signatures in the standard model. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 680–696. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-30057-8_40CrossRefGoogle Scholar
  14. 14.
    Catalano, D., Fiore, D., Warinschi, B.: Homomorphic signatures with efficient verification for polynomial functions. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 371–389. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44371-2_21CrossRefGoogle Scholar
  15. 15.
    Catalano, D., Marcedone, A., Puglisi, O.: Authenticating computation on groups: new homomorphic primitives and applications. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 193–212. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-45608-8_11CrossRefGoogle Scholar
  16. 16.
    Desmedt, Y.: Computer security by redefining what a computer is. In: NSPW (1993)Google Scholar
  17. 17.
    Fiore, D., Mitrokotsa, A., Nizzardo, L., Pagnin, E.: Multi-key homomorphic authenticators. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 499–530. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53890-6_17CrossRefGoogle Scholar
  18. 18.
    Fiore, D., Pagnin, E.: Matrioska: a compiler for multi-key homomorphic signatures. IACR Cryptology ePrint Archive (2018)Google Scholar
  19. 19.
    Freeman, D.M.: Improved security for linearly homomorphic signatures: a generic framework. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 697–714. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-30057-8_41CrossRefGoogle Scholar
  20. 20.
    Gennaro, R., Katz, J., Krawczyk, H., Rabin, T.: Secure network coding over the integers. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 142–160. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13013-7_9CrossRefGoogle Scholar
  21. 21.
    Gennaro, R., Wichs, D.: Fully homomorphic message authenticators. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 301–320. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-42045-0_16CrossRefGoogle Scholar
  22. 22.
    Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: Fortnow, L., Vadhan, S.P. (eds.) 43rd ACM STOC, pp. 99–108. ACM Press (2011)Google Scholar
  23. 23.
    Gorbunov, S., Vaikuntanathan, V., Wichs, D.: Leveled fully homomorphic signatures from standard lattices. In: Proceedings of the Forty-Seventh Annual ACM Symposium on Theory of Computing, pp. 469–477. ACM (2015)Google Scholar
  24. 24.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45760-7_17CrossRefGoogle Scholar
  25. 25.
    Lai, R.W., Tai, R.K., Wong, H.W., Chow, S.S.: Multi-key homomorphic signatures unforgeable under insider corruption. IACR Cryptology ePrint Archive 2016/834 (2016)Google Scholar
  26. 26.
    Libert, B., Peters, T., Joye, M., Yung, M.: Linearly homomorphic structure-preserving signatures and their applications. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 289–307. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40084-1_17CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.IMDEA Software InstituteMadridSpain
  2. 2.Chalmers University of TechnologyGothenburgSweden

Personalised recommendations