Paper 2016/1175

On the Security Notions for Homomorphic Signatures

Dario Catalano, Dario Fiore, and Luca Nizzardo

Abstract

Homomorphic signature schemes allow anyone to perform computation on signed data in such a way that the correctness of computation’s results is publicly certified. In this work we analyze the security notions for this powerful primitive considered in previous work, with a special focus on adaptive security. Motivated by the complications of existing security models in the adaptive setting, we consider a simpler and (at the same time) stronger security definition inspired to that proposed by Gennaro and Wichs (ASIACRYPT’13) for homomorphic MACs. In addition to strength and simplicity, this definition has the advantage to enable the adoption of homomorphic signatures in dynamic data outsourcing scenarios, such as delegation of computation on data streams. Then, since no existing homomorphic signature satisfies this stronger notion, our main technical contribution are general compilers which turn a homomorphic signature scheme secure under a weak definition into one secure under the new stronger notion. Our compilers are totally generic with respect to the underlying scheme. Moreover, they preserve two important properties of homomorphic signatures: context-hiding (i.e. signatures on computation’s output do not reveal information about the input) and efficient verification (i.e. verifying a signature against a program P can be made faster, in an amortized, asymptotic sense, than recomputing P from scratch).

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
Digital SignaturesHomomorphic SignaturesSecurity Notions
Contact author(s)
luca nizzardo @ imdea org
History
2016-12-30: received
Short URL
https://ia.cr/2016/1175
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1175,
      author = {Dario Catalano and Dario Fiore and Luca Nizzardo},
      title = {On the Security Notions for Homomorphic Signatures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/1175},
      year = {2016},
      url = {https://eprint.iacr.org/2016/1175}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.