Identity-Based Multi-signatures from RSA

8 years 7 months ago
Identity-Based Multi-signatures from RSA
Abstract. Multi-signatures allow multiple signers to jointly authenticate a message using a single compact signature. Many applications however require the public keys of the signers to be sent along with the signature, partly defeating the effect of the compact signature. Since identity strings are likely to be much shorter than randomly generated public keys, the identity-based paradigm is particularly appealing for the case of multi-signatures. In this paper, we present and prove secure an identity-based multi-signature (IBMS) scheme based on RSA, which in particular does not rely on (the rather new and untested) assumptions related to bilinear maps. We define an appropriate security notion for interactive IBMS schemes and prove the security of our scheme under the one-wayness of RSA in the random oracle model.
Mihir Bellare, Gregory Neven
Added 18 Oct 2010
Updated 18 Oct 2010
Type Conference
Year 2007
Authors Mihir Bellare, Gregory Neven
Comments (0)