Enhanced Aggregate Signatures from Pairings
Recently, Boneh et al. proposed the concept of an aggregate signature, introduced security models for such signatures, and also presented some applications. An aggregate signature scheme is a digital signature scheme that supports aggregation: given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into a single short signature. This single signature, along with the n original messages, will convince verifiers that the n users did indeed sign the n original messages respectively, i.e., user i signed message M_i for i = 1, ..., n. In this paper, however, we find that their security model has some defects. The capacity that the adversaries possess was constrained according to the standard security definition of signatures. We propose an improvement of Boneh’s scheme by presenting a new security model and giving a formal proof in the random oracle model.
Keywords: aggregate signature, security model, random oracle model