Paper 2024/625
Interactive Threshold Mercurial Signatures and Applications
Abstract
Mercurial signatures are an extension of equivalence class signatures that allow malleability for the public keys, messages, and signatures within the respective classes. Unfortunately, the most efficient construction to date suffers from a weak public key class-hiding property, where the original signer with the signing key can link the public keys in the same class. This is a severe limitation in their applications, where the signer is often considered untrustworthy of privacy. This paper presents two-party and multi-party interactive threshold mercurial signatures that overcome the above limitation by eliminating the single entity who knows the signing key. For the general case, we propose two constructions. The first follows the same interactive structure as the two-party case, avoiding complex distributed computations such as randomness generation, inversion, and multiplication, and even eliminates the need for private communication between parties. The second is based on a blueprint for general multi-party computation using verifiable secret sharing, but adopting optimizations. We show applications in anonymous credential systems that individually fit the two-party and multi-party constructions. In particular, in the two-party case, our approach provides stronger privacy by completely removing the trust in the authorities. We also discuss more applications, from blind signatures to multi-signatures and threshold ring signatures. Finally, to showcase the practicality of our approach, we implement our interactive constructions and compare them against related alternatives.
Note: This is the full version. It contains more detailed proofs and appendices that are not present in the proceedings version.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2024
- DOI
- https://doi.org/10.1007/978-981-96-0891-1_3
- Keywords
- Mercurial SignaturesEquivalence Class SignaturesThreshold SignaturesClass-HidingAnonymous Credentials
- Contact author(s)
-
msyk abe @ ntt com
nanri masaya 26n @ st kyoto-u ac jp
octavio perezkempner @ ntt com
mehdi tibouchi @ ntt com - History
- 2024-12-03: last of 3 revisions
- 2024-04-23: received
- See all versions
- Short URL
- https://ia.cr/2024/625
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/625, author = {Masayuki Abe and Masaya Nanri and Octavio Perez Kempner and Mehdi Tibouchi}, title = {Interactive Threshold Mercurial Signatures and Applications}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/625}, year = {2024}, doi = {https://doi.org/10.1007/978-981-96-0891-1_3}, url = {https://eprint.iacr.org/2024/625} }