2005
DOI: 10.1007/11523468_36
|View full text |Cite
|
Sign up to set email alerts
|

Append-Only Signatures

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
37
0

Year Published

2005
2005
2018
2018

Publication Types

Select...
7
2

Relationship

0
9

Authors

Journals

citations
Cited by 42 publications
(37 citation statements)
references
References 14 publications
0
37
0
Order By: Relevance
“…Other redactable signature schemes emerged since then, e.g., [9,24,1,22]. Second, Kiltz et al introduced append-only signatures [20]. Redactable and append-only malleable signature schemes would allow a third party to modify the signed message without requiring a secret key of their own.…”
Section: Definition 2 (Contingency:) Contingency Describes the Verifmentioning
confidence: 99%
“…Other redactable signature schemes emerged since then, e.g., [9,24,1,22]. Second, Kiltz et al introduced append-only signatures [20]. Redactable and append-only malleable signature schemes would allow a third party to modify the signed message without requiring a secret key of their own.…”
Section: Definition 2 (Contingency:) Contingency Describes the Verifmentioning
confidence: 99%
“…Herranz and Galindo et al [27,23] obtain results about identity-based signature schemes permitting aggregation of signatures from the same signer only. Append-only signatures [31] is an interesting public-key primitive suggested for use in S-BGP route attestation, but no construction yielding less than ω( √ n)-size signatures for n signers is currently known. We clarify that [24] appears to be the only previous (non-interactive) identity-based aggregate signature scheme in the literature; another recent scheme of [18] is interactive.…”
Section: Identity-based Sequential Aggregate Signaturesmentioning
confidence: 99%
“…Similarly, HIBS can be constructed from any signature scheme, e.g., via the certification approach [17] by Gentry and Silverberg or via Append-Only Signatures due to Kiltz, Mityagin, Panjwani, and Raghavan [20]. Here, the key extraction authority basically emulates a public-key infrastructure: It generates a new public key for each identity and issues a certificate, binding the key to the identity.…”
Section: Introductionmentioning
confidence: 99%