Paper 2009/060

Comparing Two Pairing-Based Aggregate Signature Schemes

Sanjit Chatterjee, Darrel Hankerson, Edward Knapp, and Alfred Menezes


In 2003, Boneh, Gentry, Lynn and Shacham (BGLS) devised the first provably-secure aggregate signature scheme. Their scheme uses bilinear pairings and their security proof is in the random oracle model. The first pairing-based aggregate signature scheme which has a security proof that does not make the random oracle assumption was proposed in 2006 by Lu, Ostrovsky, Sahai, Shacham and Waters (LOSSW). In this paper, we compare the security and efficiency of the BGLS and LOSSW schemes when asymmetric pairings derived from Barreto-Naehrig (BN) elliptic curves are employed.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
ajmeneze @ uwaterloo ca
2009-09-22: last of 2 revisions
2009-02-06: received
See all versions
Short URL
Creative Commons Attribution


      author = {Sanjit Chatterjee and Darrel Hankerson and Edward Knapp and Alfred Menezes},
      title = {Comparing Two Pairing-Based Aggregate Signature Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2009/060},
      year = {2009},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.