Paper 2006/285

Unrestricted Aggregate Signatures

Mihir Bellare, Chanathip Namprempre, and Gregory Neven

Abstract

Secure use of the BGLS aggregate signature schemes is restricted to the aggregation of distinct messages (for the basic scheme) or per-signer distinct messages (for the enhanced, prepend-public-key version of the scheme). We argue that these restrictions preclude interesting applications, make usage of the schemes error-prone and are generally undesirable in practice. Via a new analysis and proof, we show how the restrictions can be lifted, yielding the first truly unrestricted aggregate signature scheme. Via another new analysis and proof, we show that the distinct signer restriction on the sequential aggregate signature schemes of Lysyanskaya et al. can also be dropped, yielding an unrestricted sequential aggregate signature scheme. Finally, we present variants of these schemes with tight security reductions.

Metadata
Available format(s)
PDF PS
Publication info
Published elsewhere. Preliminary version in ICALP 2007. This is the full version.
Keywords
Aggregate signaturessequential aggregate signatures
Contact author(s)
Gregory Neven @ esat kuleuven be
History
2007-05-15: revised
2006-08-22: received
See all versions
Short URL
https://ia.cr/2006/285
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2006/285,
      author = {Mihir Bellare and Chanathip Namprempre and Gregory Neven},
      title = {Unrestricted Aggregate Signatures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/285},
      year = {2006},
      url = {https://eprint.iacr.org/2006/285}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.