A Unified Framework for Trapdoor-Permutation-Based Sequential Aggregate Signatures

Gentry, Craig; O’Neill, Adam; Reyzin, Leonid

doi:10.1007/978-3-319-76581-5_2

Cited by 14 publications

(10 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Using larger groups would not only carry a significant performance penalty, but also force us to construct custom large blocklength block ciphers. Although this can be done (and has been for RSA groups [GOR18], where our approach would not work), the analysis is tricky.…”

Section: Implementing the Shine Schemesmentioning

confidence: 99%

Fast and Secure Updatable Encryption

Boyd

Davies

Gjøsteen

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

Section: Implementing the Shine Schemesmentioning

confidence: 99%

Fast and Secure Updatable Encryption

Boyd

Davies

Gjøsteen

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…In contrast to aggregate signature, multisignature scheme allows multisigners to jointly sign only one message. This scheme was first introduced in [36], and then it has been the topic of many other works such as [25,[37][38][39][40][41][42][43], to name a few. At ACM CCS'01, Micali el al.…”

Section: Signaturementioning

confidence: 99%

“…That means it needs rounds to generate a multisignature, is the size of the aggregating set. In [4], each signer needs to broadcast a value to ( − 1) other signers and receives ( − 1) values from ( − 1) other signers before generating multisignature as in usual noninteractive scheme [40][41][42]. In our scheme, in the first round, PKG relies on the description of the aggregating set and messages to compute four elements and sends them to signers, all signers then based on these values to generate aggregate multisignature as in usual noninteractive scheme [40][41][42].…”

Section: Our Contribution Andmentioning

confidence: 99%

A Short Server-Aided Certificateless Aggregate Multisignature Scheme in the Standard Model

Trinh

2019

Security and Communication Networks

View full text Add to dashboard Cite

Aggregate signature scheme allows each signer to sign a different message and then all those signatures are aggregated into a single short signature. In contrast, multisignature scheme allows multisigners to jointly sign only one message. Aggregate multisignature scheme is a combination of both aforementioned signature schemes, where signers can choose to generate either a multisignature or an aggregate signature. This combination scheme has many concrete application scenarios such as Bitcoin blockchain, Healthcare, Multicast Acknowledgment Aggregation, and so on. On the other hand, to deal with the problems of expensive certificates in certified public key cryptography and key escrow in identity-based cryptography, the notion of certificateless public key cryptography has been introduced by Riyami and Paterson at Asiacrypt'03. In this paper, we propose the first certificateless aggregate multisignature scheme that achieves the constant-size of signature and is secure in the standard model under a generalization of the Diffie-Hellman exponent assumption. In our scheme, however, the signature is generated with the help of the authority.

show abstract

“…Applications of aggregate signature schemes include the Secure Border Gateway protocol [ 2 ] , vehicular Ad‐Hoc network [ 3 ] , certificate chains in public‐key infrastructures. A number of aggregate signature schemes have been proposed [ 4 – 12 ] . The scheme in Ref.…”

Section: Introductionmentioning

confidence: 99%

Extraction Security of Sequential Aggregate Signatures

Zhang

Liu

Chen

2021

Chinese J of Electronics

View full text Add to dashboard Cite

Aggregate signature schemes enable anyone to compress many signatures into one. Besides the unforgeability of aggregate signature, another property called aggregate extraction sometimes is useful. In sequential aggregate signature schemes, the aggregate signature is computed incrementally by the signers. We introduce extraction security in the sequential context which can be seen as an analogy of aggregate extraction introduced by Boneh et al. in CRYPTO 2003. In addition to the practical meaning, it also has benefits in the construction of hierarchical identity‐based signatures as we will point out. We study several well known aggregate signature schemes and prove some of them satisfy extraction security.

show abstract

A Unified Framework for Trapdoor-Permutation-Based Sequential Aggregate Signatures

Cited by 14 publications

References 28 publications

Fast and Secure Updatable Encryption

Fast and Secure Updatable Encryption

A Short Server-Aided Certificateless Aggregate Multisignature Scheme in the Standard Model

Extraction Security of Sequential Aggregate Signatures

Contact Info

Product

Resources

About