Batch Verification of Short Signatures

Camenisch, Jan; Hohenberger, Susan; Pedersen, Michael Østergaard

doi:10.1007/978-3-540-72540-4_14

Cited by 111 publications

(22 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For instance, 3 pairing operations are required to verify a single signature. With the batch verification scheme of [30], verifying n signatures also takes 3 pairing operations instead of 3n pairing operations. In other words, the verification time of the dominant operation (i.e., paring) is independent of the number of signatures to verify.…”

Section: Batch Verificationmentioning

confidence: 99%

“…Therefore, the batch verification can dramatically decrease the time spent on verifying a large number of signatures, which can achieve much better scalability. In this paper, we propose an efficient identity-based batch verification scheme based on the improved CL signature scheme in [30].…”

Section: Batch Verificationmentioning

confidence: 99%

“…Some other batch signature schemes were proposed later [25][26][27][28][29]. The latest batch verification scheme proposed in [30] is based on the CL signature scheme [31], and is the first solution on batch verification without using random oracles, in which the computation efficiency can be significantly improved. For instance, 3 pairing operations are required to verify a single signature.…”

Section: Batch Verificationmentioning

confidence: 99%

See 2 more Smart Citations

On batch verification with group testing for vehicular communications

2011

View full text Add to dashboard Cite

In this paper, an efficient identity-based batch signature verification scheme is proposed for vehicular communications. With the proposed scheme, vehicles can verify a batch of signatures once instead of in a one-by-one manner. Hence the message verification speed can be tremendously increased. To identify invalid signatures in a batch of signatures, this paper adopts group testing technique, which can find the invalid signatures with few number of batch verifications. In addition, a trust authority in our scheme is capable of tracing a vehicle's real identity from its pseudo identity, and therefore conditional privacy preserving can also be achieved. Moreover, since identitybased cryptography is employed in the scheme to generate private keys for pseudo identities, certificates are not required and thus transmission overhead can be significantly reduced.

show abstract

Section: Batch Verificationmentioning

confidence: 99%

Section: Batch Verificationmentioning

confidence: 99%

Section: Batch Verificationmentioning

confidence: 99%

See 1 more Smart Citation

On batch verification with group testing for vehicular communications

2011

View full text Add to dashboard Cite

show abstract

“…i is the identity-based signature on r i . To keep the whole protocol efficient, one may choose an identity-based signature scheme that supports batch verification [11,28] to generate . i .…”

Section: The Proposalmentioning

confidence: 99%

Provably secure one-round identity-based authenticated asymmetric group key agreement protocol

Zhang

Qin

et al. 2011

Information Sciences

View full text Add to dashboard Cite

“…The delay caused by verifying a bulk of signatures may radically impede the transmission throughput and impair the system scalability. A possible promising approach to improve the verification efficiency is to employ batch verification [6][7][8][9][10][11], which permits verifying a large number of signatures simultaneously instead of sequentially. This decreases the number of time-consuming operations, especially when authenticating a large number of signatures.…”

Section: Introductionmentioning

confidence: 99%

An Improved Binary Authentication Tree Algorithm for Vehicular Networks

Wang

Qin²,

Domingo-Ferrer³

2012

2012 Fourth International Conference on Intelligent Networking and Collaborative Systems

View full text Add to dashboard Cite

Vehicular networks are gaining popularity because vehicular communications are able to help minimize accidents, improve traffic conditions, etc. To avoid malicious attacks and potential abuse, employing digital signatures is widely recognized as the most efficient approach for vehicular networks. However, when the number of signatures received by a roadside unit (RSU) becomes large, a scalability problem emerges immediately: it can be difficult for the RSU to sequentially verify every received signature within 100-300ms as required by the current Dedicated Short Range Communications (DSRC) broadcast protocol. Jiang et al. proposed a robust and efficient signature scheme for vehicular-to-infrastructure communications, called binary authentication tree. In this paper, we show that their binary authentication algorithm is insecure to at least two attacks. The first attack shows that the original binary authentication algorithm is universally forgeable under chosen-message attacks, i.e. the attacker can forge other vehicles' authentication on any message under chosenmessage attack. The second attack shows that the original binary authentication algorithm is universally forgeable, i.e., the attacker can forge other vehicles' authentication on any message at will. Although Jiang et al.'s scheme is insecure, it can be repaired. Using the binary authentication tree model, we repair their scheme in order to make it provably secure and efficient.

show abstract

Batch Verification of Short Signatures

Cited by 111 publications

References 32 publications

On batch verification with group testing for vehicular communications

On batch verification with group testing for vehicular communications

Provably secure one-round identity-based authenticated asymmetric group key agreement protocol

An Improved Binary Authentication Tree Algorithm for Vehicular Networks

Contact Info

Product

Resources

About