Delegatable functional signatures

The authors introduce delegatable functional signatures (DFS), which support the delegation of signing capabilities to another party, called the evaluator, with respect to a functionality F. In a DFS, the signer of a message can choose an evaluator, specify how the evaluator can modify the signature without voiding its validity, allow additional input, and decide how the evaluator can further delegate its capabilities. Technically, DFS unify several seemingly different signature primitives, including functional signatures and policy-based signatures, sanitisable signatures, identity-based signatures, and blind signatures. The authors characterise the instantiability of DFS with respect to the corresponding security notions of unforgeability and privacy. On the positive side, they show that privacy-free DFS can be constructed from one-way functions. Furthermore, they show that unforgeable and private DFS can be constructed from doubly-enhanced trapdoor permutations. On the negative side, they show that the previous result is optimal regarding its underlying assumptions. Their impossibility result shows that unforgeable private DFS cannot be constructed from one-way permutations.
