Enhanced Aggregate Signatures from Pairings

  • Zuhua Shao
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3822)


Recently, Boneh et al. proposed the concept of an aggregate signature, introduced security models for such signatures, and presented some applications. An aggregate signature scheme is a digital signature scheme that supports aggregation: given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into a single short signature. This single signature, along with the n original messages, will convince verifiers that the n users did indeed sign the n original messages respectively, i.e., user i signed message M_i for i = 1, ..., n. In this paper, however, we find that their security model has some defects. The capabilities granted to the adversaries were constrained according to the standard security definition of signatures. We propose an improvement of the scheme of Boneh et al. by presenting a new security model and giving a formal proof in the random oracle model.


Keywords: aggregate signature, security model, random oracle model




  1. Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003)
  2. Kent, S., Lynn, C., Seo, K.: Secure border gateway protocol (Secure-BGP). IEEE J. Selected Areas in Comm. 18(4), 582–592 (2000)
  3. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
  4. Okamoto, T., Pointcheval, D.: The gap problems: A new class of problems for security of cryptographic primitives. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104–118. Springer, Heidelberg (2001)
  5. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
  6. Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281–308 (1988)
  7. Micali, S., Ohta, K., Reyzin, L.: Accountable-subgroup multisignatures (extended abstract). In: Proceedings of CCS 2001, pp. 245–254. ACM Press, New York (2001)
  8. Boldyreva, A.: Efficient threshold signature, multisignature and blind signature schemes based on the gap-Diffie-Hellman-group signature scheme. In: Proceedings of PKC 2003. LNCS, vol. 2567, pp. 31–46. Springer, Heidelberg (2003)
  9. IEEE P1363 Standard Specifications for Public Key Cryptography, Approved January 30 (2000)

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Zuhua Shao (1)
  1. Department of Computer and Electronic Engineering, Zhejiang University of Science and Technology, Zhejiang, P.R. of China
