Cryptology ePrint Archive: Report 2006/285
Unrestricted Aggregate Signatures
Mihir Bellare and Chanathip Namprempre and Gregory Neven
Abstract: Secure use of the BGLS aggregate signature schemes is restricted to the aggregation of distinct messages (for the basic scheme) or per-signer distinct messages (for the enhanced, prepend-public-key version of the scheme). We argue that these restrictions preclude interesting applications, make usage of the schemes error-prone and are generally undesirable in practice. Via a new analysis and proof, we show how the restrictions can be lifted, yielding the first truly unrestricted aggregate signature scheme. Via another new analysis and proof, we show that the distinct signer restriction on the sequential aggregate signature schemes of Lysyanskaya et al. can also be dropped, yielding an unrestricted sequential aggregate signature scheme. Finally, we present variants of these schemes with tight security reductions.
Category / Keywords: Aggregate signatures, sequential aggregate signatures
Publication Info: Preliminary version in ICALP 2007. This is the full version.
Date: received 22 Aug 2006, last revised 14 May 2007
Contact author: Gregory Neven at esat kuleuven be
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20070515:031733 (All versions of this report)
Short URL: ia.cr/2006/285
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]