Cryptology ePrint Archive: Report 2021/377

Attacks and weaknesses of BLS aggregate signatures

Nguyen Thoi Minh Quan

Abstract: This article discusses existing attacks and known weaknesses of BLS aggregate signatures. The goal is clarify the threat model of BLS aggregate signatures, what security properties that they have and do not have. Itís unfortunate that the weaknesses are not documented anywhere in BLS RFC draft v4 [1]. Confusion, ambiguity, misunderstanding all may cause security issues in practice. We hope that this article can help cryptographic practitioners make informed decisions when using BLS aggregate signatures and deploy mitigations at the application/protocol layer because BLS aggregate signatures might not have security guarantees that you need.

Category / Keywords: public-key cryptography / BLS, aggregate signature

Date: received 21 Mar 2021, last revised 22 Mar 2021

Contact author: msuntmquan at gmail com

Available format(s): PDF | BibTeX Citation

Note: detailed discussion in denial-of-service attack

Version: 20210323:005648 (All versions of this report)

Short URL: ia.cr/2021/377


[ Cryptology ePrint archive ]