Paper 2020/524

Efficient Signatures on Randomizable Ciphertexts

Balthazar Bauer and Georg Fuchsbauer


Randomizable encryption lets anyone randomize a ciphertext so it is distributed like a fresh encryption of the same plaintext. Signatures on randomizable ciphertexts (SoRC), introduced by Blazy et al. (PKC'11), let one adapt a signature on a ciphertext to a randomization of the latter. Since signatures can only be adapted to ciphertexts that encrypt the same message as the signed ciphertext, signatures obliviously authenticate plaintexts. SoRC have been used as a building block in e-voting, blind signatures and (delegatable) anonymous credentials. We observe that SoRC can be seen as signatures on equivalence classes (JoC'19), another primitive with many applications to anonymous authentication, and that SoRC provide better anonymity guarantees. We first strengthen the unforgeability notion for SoRC and then give a scheme that provably achieves it in the generic group model. Signatures in our scheme consist of only 4 bilinear-group elements, which is considerably more efficient than prior schemes.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
anonymitydigital signatures
Contact author(s)
georg fuchsbauer @ tuwien ac at
2020-05-06: revised
2020-05-05: received
See all versions
Short URL
Creative Commons Attribution


      author = {Balthazar Bauer and Georg Fuchsbauer},
      title = {Efficient Signatures on Randomizable Ciphertexts},
      howpublished = {Cryptology ePrint Archive, Paper 2020/524},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.