Paper 2022/1611

Efficient Aggregatable BLS Signatures with Chaum-Pedersen Proofs

Jeff Burdges, Web3 Foundation
Oana Ciobotaru, Web3 Foundation
Syed Lavasani, Web3 Foundation
Alistair Stewart, Web3 Foundation

BLS signatures have fast aggregated signature verification but slow individual signature verification. We propose a three part optimisation that dramatically reduces CPU time in large distributed system using BLS signatures: First, public keys should be given on both source groups $\mathbb{G}_1$ and $\mathbb{G}_2$, with a proof-of-possession check for correctness. Second, aggregated BLS signatures should carry their particular aggregate public key in $\mathbb{G}_2$, so that verifiers can do both hash-to-curve and aggregate public key checks in $\mathbb{G}_1$. Third, individual non-aggregated BLS signatures should carry short Chaum-Pedersen DLEQ proofs of correctness, so that verifying individual signatures no longer requires pairings, which makes their verification much faster. We prove security for these optimisations. The proposed scheme is implemented and benchmarked to compare with classic BLS scheme.

Note: Corrected reference

Available format(s)
Cryptographic protocols
Publication info
aggregated BLS signatures proofs-of-possession Chaum-Pedersen proofs efficient verification
Contact author(s)
jeff @ web3 foundation
oana ciobotaru @ gmail com
syed @ web3 foundation
stewart al @ gmail com
2022-11-30: last of 7 revisions
2022-11-18: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jeff Burdges and Oana Ciobotaru and Syed Lavasani and Alistair Stewart},
      title = {Efficient Aggregatable BLS Signatures with Chaum-Pedersen Proofs},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1611},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.