Paper 2024/625
Interactive Threshold Mercurial Signatures and Applications
Abstract
Equivalence class signatures allow a controlled form of malleability based on equivalence classes defined over the message space. As a result, signatures can be publicly randomized and adapted to a new message representative in the same equivalence class. Notably, security requires that an adapted signature-message pair looks indistinguishable from a random signature-message pair in the space of valid signatures for the new message representative. Together with the decisional Diffie-Hellman assumption, this yields an unlinkability notion (class-hiding), making them a very attractive building block for privacy-preserving primitives. Mercurial signatures are an extension of equivalence class signatures that allow malleability for the key space. Unfortunately, the most efficient construction to date suffers a severe limitation that limits their application: only a weak form of public key class-hiding is supported. In other words, given knowledge of the original signing key and randomization of the corresponding public key, it is possible to identify whether they are related. In this work, we put forth the notion of interactive threshold mercurial signatures and show how they help to overcome the above-mentioned limitation. Moreover, we present constructions in the two-party and multi-party settings, assuming at least one honest signer. We also discuss related applications, including blind signatures, multi-signatures, and threshold ring signatures. To showcase the practicality of our approach, we implement the proposed constructions, comparing them against related alternatives.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Equivalence class signaturesmercurial signaturesmulti-signaturesthreshold signaturesunlinkability
- Contact author(s)
-
nanri masaya 26n @ st kyoto-u ac jp
octavio perezkempner @ ntt com
mehdi tibouchi @ ntt com
msyk abe @ ntt com - History
- 2024-04-26: approved
- 2024-04-23: received
- See all versions
- Short URL
- https://ia.cr/2024/625
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/625, author = {Masaya Nanri and Octavio Perez Kempner and Mehdi Tibouchi and Masayuki Abe}, title = {Interactive Threshold Mercurial Signatures and Applications}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/625}, year = {2024}, url = {https://eprint.iacr.org/2024/625} }