Paper 2024/1368
Tightly Secure Non-Interactive BLS Multi-Signatures
Abstract
Due to their simplicity, compactness, and algebraic structure, BLS signatures are among the most widely used signatures in practice. For example, used as multi-signatures, they are integral in Ethereum's proof-of-stake consensus. From the perspective of concrete security, however, BLS (multi-)signatures suffer from a security loss linear in the number of signing queries. It is well-known that this loss can not be avoided using current proof techniques. In this paper, we introduce a new variant of BLS multi-signatures that achieves tight security while remaining fully compatible with regular BLS. In particular, our signatures can be seamlessly combined with regular BLS signatures, resulting in regular BLS signatures. Moreover, it can easily be implemented using existing BLS implementations in a black-box way. Our scheme is also one of the most efficient non-interactive multi-signatures, and in particular more efficient than previous tightly secure schemes. We demonstrate the practical applicability of our scheme by showing how proof-of-stake protocols that currently use BLS can adopt our variant for fully compatible opt-in tight security.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- A minor revision of an IACR publication in ASIACRYPT 2024
- Keywords
- Non-InteractiveMulti-SignaturesBLS SignaturesTightnessPairings
- Contact author(s)
-
renas bacho @ cispa de
benedikt wagner @ ethereum org - History
- 2024-09-02: approved
- 2024-08-30: received
- See all versions
- Short URL
- https://ia.cr/2024/1368
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/1368, author = {Renas Bacho and Benedikt Wagner}, title = {Tightly Secure Non-Interactive {BLS} Multi-Signatures}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/1368}, year = {2024}, url = {https://eprint.iacr.org/2024/1368} }