Paper 2010/233

Commuting Signatures and Verifiable Encryption and an Application to Non-Interactively Delegatable Credentials

Georg Fuchsbauer

Abstract

Verifiable encryption allows to encrypt a signature and prove that the plaintext is valid. We introduce a new primitive called commuting signature that extends verifiable encryption in multiple ways: a signer can encrypt both signature and message and prove validity; more importantly, given a ciphertext, a signer can create a verifiably encrypted signature on the encrypted message; thus signing and encrypting commute. We instantiate commuting signatures using the proof system by Groth and Sahai (EUROCRYPT '08) and the automorphic signatures by Fuchsbauer (ePrint report 2009/320). As an application, we give an instantiation of delegatable anonymous credentials, a powerful primitive introduced by Belenkiy et al. (CRYPTO '09). Our instantiation is arguably simpler than theirs and it is the first to provide non-interactive issuing and delegation, which is a standard requirement for non-anonymous credentials. Moreover, the size of our credentials and the cost of verification are less than half of those of the only previous construction, and efficiency of issuing and delegation is increased even more significantly. All our constructions are proved secure in the standard model.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
anonymitycredentialsdigital signatureselliptic curve cryptosystem
Contact author(s)
fuchsbau @ di ens fr
History
2010-04-28: received
Short URL
https://ia.cr/2010/233
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/233,
      author = {Georg Fuchsbauer},
      title = {Commuting Signatures and Verifiable Encryption and an Application to Non-Interactively Delegatable Credentials},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/233},
      year = {2010},
      url = {https://eprint.iacr.org/2010/233}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.