Multi-signatures in the plain public-key model and a general forking lemma

Multi-signatures in the plain public-key model and a general forking lemma (2006)

Cached

Download Links

[www.cs.ucsd.edu]
[www.cse.ucsd.edu]

Other Repositories/Bibliography

DBLP

by Mihir Bellare

Venue:	In ACM CCS 06
Citations:	12 - 3 self

BibTeX

@INPROCEEDINGS{Bellare06multi-signaturesin,
    author = {Mihir Bellare},
    title = {Multi-signatures in the plain public-key model and a general forking lemma},
    booktitle = {In ACM CCS 06},
    year = {2006},
    pages = {390--399},
    publisher = {ACM Press}
}

Bookmark

OpenURL

Abstract

A multi-signature scheme enables a group of signers to produce a compact, joint signature on a common document, and has many potential uses. However, existing schemes impose key setup or PKI requirements that make them impractical, such as requiring a dedicated, distributed key generation protocol amongst potential signers, or assuming strong, concurrent zero-knowledge proofs of knowledge of secret keys done to the CA at key registration. These requirements limit the use of the schemes. We provide a new scheme that is proven secure in the plain public-key model, meaning requires nothing more than that each signer has a (certified) public key. Furthermore, the important simplification in key management achieved is not at the cost of efficiency or assurance: our scheme matches or surpasses known ones in terms of signing time, verification time and signature size, and is proven secure in the random-oracle model under a standard (not bilinear map related) assumption. The proof is based on a simplified and general Forking Lemma that may be of independent interest.

Citations

1130	Random oracles are practical: A paradigm for designing efficient protocols - Bellare, Rogaway - 1993
706	A.: How to prove yourself: Practical solutions to identification and signature problems - Fiat, Shamir - 1986
512	Efficient signature generation for smart cards - Schnorr - 1991
460	signatures from the Weil pairing - Boneh, Lynn, et al.
289	Zero Knowledge Proofs of Identity - Feige, Fiat, et al. - 1987
227	Security arguments for digital signatures and blind signatures - Pointcheval, Stern
182	Aggregate and verifiably encrypted signatures from bilinear maps - Boneh, Gentry, et al. - 2003
131	Provably secure and practical identification schemes and corresponding signature schemes - Okamoto - 1993
130	Efficient threshold signatures, multisignatures and blind signatures based on the GapDiffie-Hellman-group signature scheme - Boldyreva
122	Efficient Identity Based Signature Schemes Based on Pairings - Hess - 2002
121	On Defining Proofs of Knowledge - Bellare, Goldreich - 1993
66	A new forward-secure digital signature scheme - Abdalla, Reyzin - 2000
60	Energy aware lossless data compression - Barr, Asanovic - 2003
57	Zero-knowledge proofs of knowledge without interaction - Santis, Persiano - 1992
49	GQ and Schnorr Identification Schemes: Proofs of Security against Impersonation under Active and Concurrent Attacks - Bellare, Palacio - 2002
41	Accountable-subgroup Multisignatures. On proceedings - Micali, Ohta, et al. - 2001
41	Fast Signature Generation with a Fiat-Shamir-Like Scheme - Ong, Schnorr - 1991
39	Sequential Aggregate Signatures from Trapdoor Permutations - Lysyanskaya, Micali, et al. - 2004
33	A modification of the Fiat-Shamir scheme - Ohta, Okamoto - 1990
29	A “paradoxical” indentity-based signature scheme resulting from zero-knowledge - Guillou, Quisquater - 1990
26	From identification to signatures via the Fiat-Shamir transform: Minimizing assumptions for security and forward-security - Abdalla, An, et al. - 2002
26	A public-key cryptosystem suitable for digital multisignature - Itakura, Nakamura - 1983
26	Sequential aggregate signatures and multisignatures without random oracles - Lu, Ostrovsky, et al.
24	Efficiency improvements for signature schemes with tight security reductions - Katz, Wang - 2003
23	Design validations for discrete logarithm based signature schemes - Brickell, Pointcheval, et al. - 2000
22	A digital multisignature scheme based on the Fiat-Shamir scheme - Ohta, Okamoto - 1993
20	Pairings for Cryptographers’, Cryptology ePrint Archive - Galbraith, Paterson, et al. - 2006
19	Group-oriented (t, n) threshold digital signature scheme and digital multisignature - Harn
19	Multisignature schemes secure against active insider attacks - Ohta, Okamoto - 1999
13	Meta-multisignature schemes based on the discrete logarithm problem - Horster, Michels, et al. - 1995
13	Threshold-multisignature schemes where suspected forgery implies traceability of adversarial shareholders - Li, Hwang, et al. - 1995
11	Forking lemmas for ring signature schemes - Herranz, Sáez - 2003
10	An RSA family of trap-door permutations with a common domain and its applications - Hayashi, Okamoto, et al. - 2004
9	Communication-Efficient Non-Interactive Proofs of Knowledge with Online Extractors - Fischlin - 2005
8	Weaknesss in some threshold cryptosystems - Langford - 1996
8	Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)", RFC 4211 - Schaad - 2005
7	On the risk of disruption in several multiparty signature schemes - Michels, Horster - 1996
2	Unrestricted aggregate signatures. Cryptology ePrint Archive, Report 2006/285 - Bellare, Namprempre, et al. - 2006
1	New multi-signatures and a general forking lemma. Full version of this paper, available from http://www.cs.ucsd.edu/users/mihir - Bellare, Neven - 2006