A Variant of BLS Signature Scheme with Tight Security Reduction

In 2001, Boneh, Lynn and Shacham designed a signature scheme using the properties of bilinear pairing from elliptic curve, and based its security under the Computational Diffie-Hellman (CDH) assumption. However, the security reduction is not tight as there is a loss of roughly \(q_s\), the number of sign queries. In this paper, we propose a variant of the BLS signature with tight security reduction based on the co-CDH assumption. Besides upgraded to the notion of strong existential unforgeability under chosen message attack, the variant is backward-compatible with the original BLS signature.

[1]  Stanislaw Jarecki,et al.  A Signature Scheme as Secure as the Diffie-Hellman Problem , 2003, EUROCRYPT.

[2]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[3]  Jinjun Chen,et al.  Public Auditing for Big Data Storage in Cloud Computing -- A Survey , 2013, 2013 IEEE 16th International Conference on Computational Science and Engineering.

[4]  Jean-Sébastien Coron,et al.  Optimal Security Proofs for PSS and Other Signature Schemes , 2002, EUROCRYPT.

[5]  Alfred Menezes,et al.  Another Look at "Provable Security". II , 2006, INDOCRYPT.

[6]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[7]  Sanjit Chatterjee,et al.  Comparing two pairing-based aggregate signature schemes , 2010, Des. Codes Cryptogr..

[8]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[9]  Paulo S. L. M. Barreto,et al.  A family of implementation-friendly BN elliptic curves , 2011, J. Syst. Softw..

[10]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[11]  Jonathan Katz,et al.  Efficiency improvements for signature schemes with tight security reductions , 2003, CCS '03.

[12]  Allen Roginsky,et al.  Report on Pairing-based Cryptography , 2015, Journal of research of the National Institute of Standards and Technology.

[13]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[14]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[15]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[16]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[17]  Eike Kiltz,et al.  Optimal Security Proofs for Signatures from Identification Schemes , 2016, CRYPTO.

[18]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[19]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[20]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[21]  Alfred Menezes,et al.  The random oracle model: a twenty-year retrospective , 2015, Designs, Codes and Cryptography.

[22]  Marie-Sarah Lacharité Security of BLS and BGLS signatures in a multi-user setting , 2017, Cryptography and Communications.

[23]  Jean-Sébastien Coron,et al.  A variant of Boneh-Franklin IBE with a tight reduction in the random oracle model , 2009, Des. Codes Cryptogr..

[24]  Robert H. Deng,et al.  Variations of Diffie-Hellman Problem , 2003, ICICS.

[25]  Rafail Ostrovsky,et al.  Sequential Aggregate Signatures and Multisignatures Without Random Oracles , 2006, EUROCRYPT.

[26]  Chanathip Namprempre,et al.  Unrestricted Aggregate Signatures , 2007, ICALP.

[27]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[28]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.