Paper 2024/1477

Signature-based Witness Encryption with Compact Ciphertext

Gennaro Avitabile, IMDEA Software Institute
Nico Döttling, CISPA Helmholtz Center for Information Security
Bernardo Magri, University of Manchester, Primev
Christos Sakkas, University of Manchester
Stella Wohnig, CISPA Helmholtz Center for Information Security, Saarland University
Abstract

Signature-based witness encryption (SWE) is a recently proposed notion that allows to encrypt a message with respect to a tag $T$ and a set of signature verification keys. The resulting ciphertext can only be decrypted by a party who holds at least $k$ different valid signatures w.r.t. $T$ and $k$ different verification keys out of the $n$ keys specified at encryption time. Natural applications of this primitive involve distributed settings (e.g., blockchains), where multiple parties sign predictable messages, such as polling or randomness beacons. However, known SWE schemes without trusted setup have ciphertexts that scale linearly in the number of verification keys. This quickly becomes a major bottleneck as the system gets more distributed and the number of parties increases. Towards showing the feasibility of SWE with ciphertext size sub-linear in the number of keys, we give a construction based on indistinguishability obfuscation (iO) for Turing machines and strongly puncturable signatures (SPS).

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2024
Keywords
identity-based encryptionsecret sharingmultiparty computation
Contact author(s)
gennaro avitabile @ imdea org
doettling @ cispa de
bernardo magri @ manchester ac uk
christos sakkas @ manchester ac uk
stella wohnig @ cispa de
History
2024-09-21: approved
2024-09-21: received
See all versions
Short URL
https://ia.cr/2024/1477
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1477,
      author = {Gennaro Avitabile and Nico Döttling and Bernardo Magri and Christos Sakkas and Stella Wohnig},
      title = {Signature-based Witness Encryption with Compact Ciphertext},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1477},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1477}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.