Paper 2018/191

Signatures with Flexible Public Key: Introducing Equivalence Classes for Public Keys

Michael Backes, Lucjan Hanzlik, Kamil Kluczniak, and Jonas Schneider


We introduce a new cryptographic primitive called signatures with flexible public key (SFPK). We divide the key space into equivalence classes induced by a relation $\mathcal{R}$. A signer can efficiently change his or her key pair to a different representatives of the same class, but without a trapdoor it is hard to distinguish if two public keys are related. Our primitive is motivated by structure-preserving signatures on equivalence classes (SPSEQ), where the partitioning is done on the message space. Therefore, both definitions are complementary and their combination has various applications. We first show how to efficiently construct static group signatures and self-blindable certificates by combining the two primitives. When properly instantiated, the result is a group signature scheme that has a shorter signature size than the current state-of-the-art scheme by Libert, Peters, and Yung from Crypto'15, but is secure in the same setting. In its own right, our primitive has stand-alone applications in the cryptocurrency domain, where it can be seen as a straightforward formalization of so-called stealth addresses. Finally, it can be used to build the first efficient ring signature scheme in the plain model without trusted setup, where signature size depends only sub-linearly on the number of ring members. Thus, we solve an open problem stated by Malavolta and Schr{ö}der at ASIACRYPT'2017.

Note: An extended abstract of this paper will appear at ASIACRYPT 2018.

Available format(s)
Publication info
A major revision of an IACR publication in ASIACRYPT 2018
flexible public keyequivalence classesstealth addressesring signaturesgroup signatures
Contact author(s)
schneider @ cs uni-saarland de
2018-09-20: revised
2018-02-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Michael Backes and Lucjan Hanzlik and Kamil Kluczniak and Jonas Schneider},
      title = {Signatures with Flexible Public Key: Introducing Equivalence Classes for Public Keys},
      howpublished = {Cryptology ePrint Archive, Paper 2018/191},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.