Paper 2010/233
Commuting Signatures and Verifiable Encryption and an Application to Non-Interactively Delegatable Credentials
Georg Fuchsbauer
Abstract
Verifiable encryption allows to encrypt a signature and prove that the plaintext is valid. We introduce a new primitive called commuting signature that extends verifiable encryption in multiple ways: a signer can encrypt both signature and message and prove validity; more importantly, given a ciphertext, a signer can create a verifiably encrypted signature on the encrypted message; thus signing and encrypting commute. We instantiate commuting signatures using the proof system by Groth and Sahai (EUROCRYPT '08) and the automorphic signatures by Fuchsbauer (ePrint report 2009/320). As an application, we give an instantiation of delegatable anonymous credentials, a powerful primitive introduced by Belenkiy et al. (CRYPTO '09). Our instantiation is arguably simpler than theirs and it is the first to provide non-interactive issuing and delegation, which is a standard requirement for non-anonymous credentials. Moreover, the size of our credentials and the cost of verification are less than half of those of the only previous construction, and efficiency of issuing and delegation is increased even more significantly. All our constructions are proved secure in the standard model.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- anonymitycredentialsdigital signatureselliptic curve cryptosystem
- Contact author(s)
- fuchsbau @ di ens fr
- History
- 2010-04-28: received
- Short URL
- https://ia.cr/2010/233
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2010/233, author = {Georg Fuchsbauer}, title = {Commuting Signatures and Verifiable Encryption and an Application to Non-Interactively Delegatable Credentials}, howpublished = {Cryptology {ePrint} Archive, Paper 2010/233}, year = {2010}, url = {https://eprint.iacr.org/2010/233} }