Efficient Batch Verification of Short Signatures for a Single-Signer Setting without Random Oracles

In Eurocrypt 2007, Camenisch, Hohenberger and Pedersen introduced the notion of multi-signer batch verification and proposed several efficient and practical batch verification schemes for signatures, including a very efficient batch verification scheme for a multi-signer setting without random oracles. This scheme is the most efficient in comparison with other existing schemes, but it can be applied only to the multi-signer setting. We observe that amongst all existing batch verification schemes, the fastest scheme for a single-signer setting is based on the BLS short signature whose proof need resort to random oracles. It is clear that batch verification for a single-signer setting is as important as for multi-signer scenarios in some applications, especially where the system has only a single signer, such as a secure time-stamping server or a certificate generation server. However, to our knowledge, the efficient batch verification of short signatures in a single-signer setting without random oracles is a challenging open problem. In this paper, we propose a new signature scheme from Gentry IBE that is as efficient as the BLS short signature scheme in batch verification. We are able to prove its security without random oracles. Our signature is approximately 320 bits in length, and a verification requires only two pairings for verifying n signatures from a single signer.

[1]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[2]  Moni Naor Advances in Cryptology - EUROCRYPT 2007, 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Barcelona, Spain, May 20-24, 2007, Proceedings , 2007, EUROCRYPT.

[3]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[4]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[5]  Mihir Bellare,et al.  Fast Batch Verification for Modular Exponentiation and Digital Signatures , 1998, IACR Cryptol. ePrint Arch..

[6]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[7]  Jacques Stern,et al.  Signing on a Postcard , 2000, Financial Cryptography.

[8]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[9]  Choonsik Park,et al.  Information Security and Cryptology - ICISC 2004, 7th International Conference, Seoul, Korea, December 2-3, 2004, Revised Selected Papers , 2005, ICISC.

[10]  Nigel P. Smart,et al.  On Computing Products of Pairings , 2006, IACR Cryptol. ePrint Arch..

[11]  L. Harn Batch verifying multiple DSA-type digital signatures , 1998 .

[12]  Sung-Ming Yen,et al.  Improved Digital Signature Suitable for Batch Verification , 1995, IEEE Trans. Computers.

[13]  Jan Camenisch,et al.  Batch Verification of Short Signatures , 2007, EUROCRYPT.

[14]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[15]  Amos Fiat,et al.  Batch RSA , 1989, Journal of Cryptology.

[16]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[17]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[18]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[19]  Lein Harn,et al.  Batch verifying multiple RSA digital signatures , 1998 .

[20]  Jung Hee Cheon,et al.  Batch Verifications with ID-Based Signatures , 2004, ICISC.

[21]  Yael Tauman Kalai,et al.  Improved Online/Offline Signature Schemes , 2001, CRYPTO.

[22]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[23]  Kenneth G. Paterson,et al.  Efficient Identity-Based Signatures Secure in the Standard Model , 2006, ACISP.

[24]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[25]  Serge Vaudenay,et al.  Advances in Cryptology - EUROCRYPT 2006 , 2006, Lecture Notes in Computer Science.

[26]  David M'Raïhi,et al.  Can D.S.A. be Improved? Complexity Trade-Offs with the Digital Signature Standard , 1994, EUROCRYPT.

[27]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.