Paper 2014/745

Universal Signature Aggregators

Susan Hohenberger, Venkata Koppula, and Brent Waters


We introduce the concept of universal signature aggregators. In a universal signature aggregator system, a third party, using a set of common reference parameters, can aggregate a collection of signatures produced from any set of signing algorithms (subject to a chosen length constraint) into one short signature whose length is independent of the number of signatures aggregated. In prior aggregation works, signatures can only be aggregated if all signers use the same signing algorithm (e.g., BLS) and shared parameters. A universal aggregator can aggregate across schemes even in various algebraic settings (e.g., BLS, RSA, ECDSA), thus creating novel opportunities for compressing authentication overhead. It is especially compelling that existing public key infrastructures can be used and that the signers do not have to alter their behavior to enable aggregation of their signatures. We provide multiple constructions and proofs of universal signature aggregators based on indistinguishability obfuscation and other supporting primitives. We detail our techniques as well as the tradeoffs in features and security of our solutions.

Available format(s)
Publication info
Contact author(s)
k venkata vk @ gmail com
2014-09-26: received
Short URL
Creative Commons Attribution


      author = {Susan Hohenberger and Venkata Koppula and Brent Waters},
      title = {Universal Signature Aggregators},
      howpublished = {Cryptology ePrint Archive, Paper 2014/745},
      year = {2014},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.