Paper 2005/313

Deterministic Identity-Based Signatures for Partial Aggregation

Javier Herranz


Aggregate signatures are a useful primitive which allows to aggregate into a single and constant-length signature many signatures on different messages computed by different users. Specific proposals of aggregate signature schemes exist only for PKI-based scenarios. For identity-based scenarios, where public keys of the users are directly derived from their identities, the signature schemes proposed up to now do not seem to allow constant-length aggregation. We provide an intermediate solution to this problem, by designing a new identity-based signature scheme which allows aggregation when the signatures to be aggregated come all from the same signer. The new scheme is deterministic and enjoys some better properties than the previous proposals. We formally prove that the scheme is unforgeable, in the random oracle model, assuming that the Computational co-Diffie-Hellman problem is hard to solve.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. The Computer Journal, Volume 49, Number 3, pp. 322-330, 2006
identity-based signaturesaggregation of signaturesprovable securityrandom oracle model
Contact author(s)
jherranz @ ma4 upc edu
2010-11-24: revised
2005-09-12: received
See all versions
Short URL
Creative Commons Attribution


      author = {Javier Herranz},
      title = {Deterministic Identity-Based Signatures for Partial Aggregation},
      howpublished = {Cryptology ePrint Archive, Paper 2005/313},
      year = {2005},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.