Advertisement

Unrestricted Aggregate Signatures

  • Mihir Bellare
  • Chanathip Namprempre
  • Gregory Neven
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4596)

Abstract

Secure use of the BGLS [1] aggregate signature schemes is restricted to the aggregation of distinct messages (for the basic scheme) or per-signer distinct messages (for the enhanced, prepend-public-key version of the scheme). We argue that these restrictions preclude interesting applications, make usage of the schemes error-prone and are generally undesirable in practice. Via a new analysis and proof, we show how the restrictions can be lifted, yielding the first truly unrestricted aggregate signature scheme. Via another new analysis and proof, we show that the distinct signer restriction on the sequential aggregate signature schemes of [2] can also be dropped, yielding an unrestricted sequential aggregate signature scheme.

Keywords

Signature Scheme Random Oracle Random Oracle Model Honest Signer Aggregate Signature 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Biham, E. (ed.) Advances in Cryptology – EUROCRPYT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Lysyanskaya, A., Micali, S., Reyzin, L., Shacham, H.: Sequential aggregate signatures from trapdoor permutations. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 74–90. Springer, Heidelberg (2004)Google Scholar
  3. 3.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Intergovernmental Oceanographic Commission of UNESCO: Towards the establishment of a tsunami warning and mitigation system for the Indian Ocean (Last accessed, April 13, 2007), available at http://ioc3.unesco.org/indotsunami/
  5. 5.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: A survey of two signature aggregation techniques. RSA’s CryptoBytes 6(2) (2003)Google Scholar
  6. 6.
    Bellare, M., Yung, M.: Certifying permutations: Noninteractive zero-knowledge based on any trapdoor permutation. Journal of Cryptology 9(3), 149–166 (1996)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Bellare, M., Namprempre, C., Neven, G.: Unrestricted aggregate signatures. Full version of this paper (2006), available from http://eprint.iacr.org/2006/285
  8. 8.
    Katz, J., Wáng, N.: Efficiency improvements for signature schemes with tight security reductions. In: ACM CCS 2003, pp. 155–164. ACM Press, New York (2003)CrossRefGoogle Scholar
  9. 9.
    Lu, S., Ostrovsky, R., Sahai, A., Shacham, H., Waters, B.: Sequential aggregate signatures and multisignatures without random oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Bellare, M., Boldyreva, A., Staddon, J.: Randomness re-use in multi-recipient encryption schemes. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 85–99. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Boldyreva, A.: Threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 31–46. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM CCS 1993, pp. 62–73. ACM Press, New York (1993)CrossRefGoogle Scholar
  13. 13.
    Shacham, H.: New Paradigms in Signature Schemes. PhD thesis, Stanford University (2005)Google Scholar
  14. 14.
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281–308 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    Bellare, M., Goldreich, O.: On defining proofs of knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Mihir Bellare
    • 1
  • Chanathip Namprempre
    • 2
  • Gregory Neven
    • 3
  1. 1.Department of Computer Science & Engineering, University of California San Diego, La Jolla, CA 92093USA
  2. 2.Electrical Engineering Department, Faculty of Engineering, Thammasat University, Klong Lueng, Patumtani 12120Thailand
  3. 3.Department of Electrical Engineering, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, B-3001 Heverlee-LeuvenBelgium

Personalised recommendations