Cryptology ePrint Archive: Report 2010/233

Commuting Signatures and Verifiable Encryption and an Application to Non-Interactively Delegatable Credentials

Georg Fuchsbauer

Abstract: Verifiable encryption allows to encrypt a signature and prove that the plaintext is valid. We introduce a new primitive called commuting signature that extends verifiable encryption in multiple ways: a signer can encrypt both signature and message and prove validity; more importantly, given a ciphertext, a signer can create a verifiably encrypted signature on the encrypted message; thus signing and encrypting commute. We instantiate commuting signatures using the proof system by Groth and Sahai (EUROCRYPT '08) and the automorphic signatures by Fuchsbauer (ePrint report 2009/320). As an application, we give an instantiation of delegatable anonymous credentials, a powerful primitive introduced by Belenkiy et al. (CRYPTO '09). Our instantiation is arguably simpler than theirs and it is the first to provide non-interactive issuing and delegation, which is a standard requirement for non-anonymous credentials. Moreover, the size of our credentials and the cost of verification are less than half of those of the only previous construction, and efficiency of issuing and delegation is increased even more significantly. All our constructions are proved secure in the standard model.

Category / Keywords: public-key cryptography / anonymity, credentials, digital signatures, elliptic curve cryptosystem

Date: received 25 Apr 2010

Contact author: fuchsbau at di ens fr

Available format(s): PDF | BibTeX Citation

Version: 20100428:135704 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]