Cryptology ePrint Archive: Report 2016/1175

On the Security Notions for Homomorphic Signatures

Dario Catalano and Dario Fiore and Luca Nizzardo

Abstract: Homomorphic signature schemes allow anyone to perform computation on signed data in such a way that the correctness of computationís results is publicly certified. In this work we analyze the security notions for this powerful primitive considered in previous work, with a special focus on adaptive security. Motivated by the complications of existing security models in the adaptive setting, we consider a simpler and (at the same time) stronger security definition inspired to that proposed by Gennaro and Wichs (ASIACRYPTí13) for homomorphic MACs. In addition to strength and simplicity, this definition has the advantage to enable the adoption of homomorphic signatures in dynamic data outsourcing scenarios, such as delegation of computation on data streams. Then, since no existing homomorphic signature satisfies this stronger notion, our main technical contribution are general compilers which turn a homomorphic signature scheme secure under a weak definition into one secure under the new stronger notion. Our compilers are totally generic with respect to the underlying scheme. Moreover, they preserve two important properties of homomorphic signatures: context-hiding (i.e. signatures on computationís output do not reveal information about the input) and efficient verification (i.e. verifying a signature against a program P can be made faster, in an amortized, asymptotic sense, than recomputing P from scratch).

Category / Keywords: public-key cryptography / Digital Signatures, Homomorphic Signatures, Security Notions

Date: received 22 Dec 2016

Contact author: luca nizzardo at imdea org

Available format(s): PDF | BibTeX Citation

Version: 20161230:193511 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]