TY - GEN
T1 - Aggregating CL-signatures revisited
T2 - 17th International Conference on Financial Cryptography and Data Security, FC 2013
AU - Lee, Kwangsu
AU - Lee, Dong Hoon
AU - Yung, Moti
PY - 2013
Y1 - 2013
N2 - Aggregate signature is public-key signature that allows anyone to aggregate different signatures generated by different signers on different messages into a short (called aggregate) signature. The notion has many applications where compressing the signature space is important: in infrastructure: secure routing protocols, in security: compressed certificate chain signature, in signing incrementally changed data: such as software module authentications, and in transaction systems: like in secure high-scale repositories and logs, typical in financial transactions. In spite of its importance, the state of the art of the primitive is such that it has not been easy to devise a suitable aggregate signature scheme that satisfies the conditions of real applications, with reasonable parameters: short public key size, short aggregate signatures size, and efficient aggregate signing/verification. In this paper, we propose two aggregate signature schemes based on the Camenisch-Lysyanskaya (CL) signature scheme whose security is reduced to that of CL signature (i.e., secure under the LRSW assumption) which substantially improve efficiency conditions for real applications. The first scheme is an "efficient sequential aggregate signature" scheme with the shortest size public key, to date, and very efficient aggregate verification. The second scheme is an "efficient synchronized aggregate signature" scheme with a very short public key size, and with the shortest (to date) size of aggregate signatures among synchronized aggregate signature schemes. Signing and aggregate verification are very efficient. Furthermore, our schemes are compatible: a signer of our aggregate signature schemes can dynamically use two modes of aggregation "sequential" and "synchronized," employing the same private/public key.
KW - Aggregate information applications
KW - Aggregate signature
KW - Bilinear map
KW - CL signature
KW - Public-key signature
UR - http://www.scopus.com/inward/record.url?scp=84883289163&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-39884-1_14
DO - 10.1007/978-3-642-39884-1_14
M3 - Conference contribution
AN - SCOPUS:84883289163
SN - 9783642398834
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 171
EP - 188
BT - Financial Cryptography and Data Security - 17th International Conference, FC 2013, Revised Selected Papers
Y2 - 1 April 2013 through 5 April 2013
ER -