Cryptology ePrint Archive: Report 2014/1021

Tightly-Secure Signatures from Chameleon Hash Functions

Olivier Blazy and Saqib A. Kakvi and Eike Kiltz and Jiaxin Pan

Abstract: We give a new framework for obtaining signatures with a tight security reduction from standard hardness assumptions. Concretely, we show that any Chameleon Hash function can be transformed into a (binary) tree-based signature scheme with tight security. The transformation is in the standard model, i.e., it does not make use of any random oracle. For specific assumptions (such as RSA, Diffie-Hellman and Short Integer Solution (SIS)) we further manage to obtain a more efficient flat-tree construction. Our framework explains and generalizes most of the existing schemes as well as providing a generic means for constructing tight signature schemes based on arbitrary assumptions, which improves the standard Merkle tree transformation. Moreover, we obtain the first tightly secure signature scheme from the SIS assumption and several schemes based on Diffie-Hellman in the standard model.

Some of our signature schemes can (using known techniques) be combined with Groth-Sahai proof methodology to yield tightly secure and efficient simulation-sound NIZK proofs of knowledge and CCA-secure encryption in the multi-user/-challenge setting under classical assumptions.

Category / Keywords: foundations / digital signatures, standard model, tight reduction, chameleon hashes

Original Publication (with major differences): IACR-PKC-2015

Date: received 28 Dec 2014, last revised 28 Jun 2016

Contact author: saqib kakvi at rub de

Available format(s): PDF | BibTeX Citation

Version: 20160628:100558 (All versions of this report)

Short URL: ia.cr/2014/1021

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]