Deterministic Identity-Based Signatures for Partial Aggregation

9 years 11 months ago
Deterministic Identity-Based Signatures for Partial Aggregation
Aggregate signatures are a useful primitive which allows to aggregate into a single and constant-length signature many signatures on different messages computed by different users. Specific proposals of aggregate signature schemes exist only for PKI-based scenarios. For identity-based scenarios, where public keys of the users are directly derived from their identities, the signature schemes proposed up to now do not seem to allow constant-length aggregation. We provide an intermediate solution to this problem, by designing a new identity-based signature scheme which allows aggregation when the signatures to be aggregated come all from the same signer. The new scheme is deterministic and enjoys some better properties than the previous proposals. We formally prove that the scheme is unforgeable, in the random oracle model, assuming that the Computational co-Diffie-Hellman problem is hard to solve.
Javier Herranz
Added 11 Dec 2010
Updated 11 Dec 2010
Type Journal
Year 2006
Where CJ
Authors Javier Herranz
Comments (0)