Sequential Aggregate Signatures Made Shorter

Lee, Kwangsu; Lee, Dong Hoon; Yung, Moti

doi:10.1007/978-3-642-38980-1_13

Cited by 12 publications

(2 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To reduce the size of pubic keys in PKAS schemes, Schröder proposed the CL signature based scheme discussed above [33]. Recently, Lee et al [26,27] proposed an efficient sequential PKAS scheme with short public keys and proved its security without random oracles under static assumptions.…”

Section: Related Workmentioning

confidence: 99%

Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency

Lee

Yung

2013

Financial Cryptography and Data Security

Self Cite

View full text Add to dashboard Cite

Aggregate signature is public-key signature that allows anyone to aggregate different signatures generated by different signers on different messages into a short (called aggregate) signature. The notion has many applications where compressing the signature space is important: secure routing protocols, compressed certificate chain signature, software module authentications, and secure high-scale repositories and logs for financial transactions. In spite of its importance, the state of the art of the primitive is that it has not been easy to devise a suitable aggregate signature scheme that satisfies the conditions of real applications, with reasonable parameters: short public key size, short aggregate signatures size, and efficient aggregate signing/verification. In this paper, we propose aggregate signature schemes based on the Camenisch-Lysyanskaya (CL) signature scheme (Crypto 2004) whose security is reduced to that of CL signature which substantially improve efficiency conditions for real applications.• We first propose an efficient sequential aggregate signature scheme with the shortest size public key, to date, and very efficient aggregate verification requiring only a constant number of pairing operations and l number of exponentiations (l being the number of signers).• Next, we propose an efficient synchronized aggregate signature scheme with a very short public key size, and with the shortest (to date) size of aggregate signatures among synchronized aggregate signature schemes. Signing and aggregate verification are very efficient: they take constant number of pairing operations and l number of exponentiations, as well.• Finally, we introduce a new notion of aggregate signature named combined aggregate signature that allows a signer to dynamically use two modes of aggregation "sequential" and "synchronized," employing the same private/public key. We also present an efficient combined aggregate signature based on our previous two aggregate signature schemes. This combined-mode scheme allows for application flexibility depending on real world scenario: For example, it can be used sequentially to sign incrementally generated legal documents, and synchronously to aggregate the end-of-day logs of all branches of an institute into a single location with a single aggregate signature.

show abstract

Section: Related Workmentioning

confidence: 99%

Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency

Lee

Yung

2013

Financial Cryptography and Data Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…After the ground‐breaking work of Boneh et al ., many AS schemes using the public key infrastructure were proposed for traditional applications. In those AS schemes, a certification authority is responsible for the management of the user's certificate, which is produced by the certification authority to establish connection between the user's identity and the user's public key (PK) .…”

Section: Introductionmentioning

confidence: 99%

Insecurity of a certificateless aggregate signature scheme

Zhang

2016

Security Comm Networks

View full text Add to dashboard Cite

As an important kind of digital signature, the aggregate signature could aggregate n signatures into a signature and verify those signatures simultaneously. It is suitable for the constrained environment with limited ability of computation and communication. Recently, Chen et al. proposed a certificateless aggregate signature scheme to improve the performance of the verification. This paper proposes two concrete attacks against the certificateless aggregate signature scheme of Chen et al. to show that their scheme is not secure for practical applications, that is, the adversary can forge a signature of any message easily.

show abstract

A Practical Lattice-Based Sequential Aggregate Signature

Wang

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Sequential Aggregate Signatures Made Shorter

Cited by 12 publications

References 27 publications

Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency

Aggregating CL-Signatures Revisited: Extended Functionality and Better Efficiency

Insecurity of a certificateless aggregate signature scheme

A Practical Lattice-Based Sequential Aggregate Signature

Contact Info

Product

Resources

About