Homomorphic signatures with sublinear public keys via asymmetric programmable hash functions

We introduce the notion of asymmetric programmable hash functions (APHFs, for short), which adapts programmable hash functions, introduced by Hofheinz and Kiltz (Crypto 2008, Springer, 2008), with two main differences. First, an APHF works over bilinear groups, and it is asymmetric in the sense that, while only secretly computable, it admits an isomorphic copy which is publicly computable. Second, in addition to the usual programmability, APHFs may have an alternative property that we call programmable pseudorandomness. In a nutshell, this property states that it is possible to embed a pseudorandom value as part of the function’s output, akin to a random oracle. In spite of the apparent limitation of being only secretly computable, APHFs turn out to be surprisingly powerful objects. We show that they can be used to generically implement both regular and linearly-homomorphic signature schemes in a simple and elegant way. More importantly, when instantiating these generic constructions with our concrete realizations of APHFs, we obtain: (1) the first linearly-homomorphic signature (in the standard model) whose public key is sub-linear in both the dataset size and the dimension of the signed vectors; (2) short signatures (in the standard model) whose public key is shorter than those by Hofheinz–Jager–Kiltz (Asiacrypt 2011, Springer, 2011) and essentially the same as those by Yamada et al. (CT-RSA 2012, Springer, 2012).
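The abstract builds on the "usual programmability" of Hofheinz–Kiltz programmable hash functions. The following is an added example, not code from the paper and not the paper's APHF construction: a toy Waters-style programmable hash function over a small prime-order group, showing the two key-generation modes (normal and trapdoor), that both produce the same public function, and why the trapdoor mode matters for a security reduction. The group parameters (p = 1907, q = 953, generator 4), the message length, the sample messages and the rejection-sampling shortcut in `program_keys` are all constructed assumptions for illustration.

```python
"""Toy Hofheinz-Kiltz style programmable hash function (added example).

Public function:  H(m) = h_0 * prod_{i : m_i = 1} h_i   over a group of prime order q.
Normal mode:      h_i uniformly random group elements.
Trapdoor mode:    h_i = g^{a_i} * X^{b_i}, so that H(m) = g^{a(m)} * X^{b(m)}
                  for linear forms a(m), b(m) mod q known to the key generator.
All parameters below are constructed for illustration only; a real instantiation
lives in a cryptographic-size (bilinear) group.
"""
import random

P = 1907   # constructed safe prime, p = 2q + 1
Q = 953    # prime order of the subgroup of quadratic residues mod p
G = 4      # 2^2 mod p: a quadratic residue != 1, hence of order q
ELL = 16   # message length in bits (constructed choice)


def hash_eval(keys, m):
    """Public evaluation H(m) = h_0 * prod over set bits of m of h_i (mod p)."""
    r = keys[0]
    for i in range(ELL):
        if (m >> i) & 1:
            r = r * keys[i + 1] % P
    return r


def keygen_normal(rng):
    """Normal mode: each h_i is an independent uniformly random group element."""
    return [pow(G, rng.randrange(Q), P) for _ in range(ELL + 1)]


def keygen_trapdoor(rng, X):
    """Trapdoor mode: h_i = g^{a_i} * X^{b_i}. Each h_i is still uniform in the
    group, but the generator now knows exponents (a_i, b_i) relating h_i to X."""
    a = [rng.randrange(Q) for _ in range(ELL + 1)]
    b = [rng.randrange(Q) for _ in range(ELL + 1)]
    keys = [pow(G, a[i], P) * pow(X, b[i], P) % P for i in range(ELL + 1)]
    return keys, a, b


def trapdoor_exponents(a, b, m):
    """Return (a(m), b(m)) with H(m) = g^{a(m)} * X^{b(m)}; both are linear in m."""
    am, bm = a[0], b[0]
    for i in range(ELL):
        if (m >> i) & 1:
            am += a[i + 1]
            bm += b[i + 1]
    return am % Q, bm % Q


def program_keys(rng, X, target, others):
    """Programmability: resample trapdoor keys until b(target) = 0 while
    b(m) != 0 for every other message. Real constructions draw the b_i from a
    small range so this event has noticeable probability; here, with q = 953,
    plain rejection sampling (about q trials on average) is good enough."""
    while True:
        keys, a, b = keygen_trapdoor(rng, X)
        if trapdoor_exponents(a, b, target)[1] != 0:
            continue
        if all(trapdoor_exponents(a, b, m)[1] != 0 for m in others):
            return keys, a, b


def power_without_secret(a, b, X, m):
    """If b(m) = 0 then H(m)^x = (g^{a(m)})^x = X^{a(m)}, computable from the
    public X alone. This is how a reduction that holds X = g^x but not x can
    still answer hash-then-sign queries on programmed messages."""
    am, bm = trapdoor_exponents(a, b, m)
    if bm != 0:
        return None        # X-component present: would need x
    return pow(X, am, P)


def demo(seed=7):
    """Run the whole story with a fixed seed and report the checks as booleans."""
    rng = random.Random(seed)
    x = rng.randrange(1, Q)          # secret exponent the reduction does NOT know
    X = pow(G, x, P)                 # public element derived from it
    target, others = 0xBEEF, [0x1234, 0x0F0F, 0xABCD]   # constructed messages
    keys, a, b = program_keys(rng, X, target, others)

    def via_trapdoor(m):
        am, bm = trapdoor_exponents(a, b, m)
        return pow(G, am, P) * pow(X, bm, P) % P

    # 1. Public evaluation and trapdoor representation agree on every message.
    consistent = all(hash_eval(keys, m) == via_trapdoor(m) for m in [target] + others)
    # 2. On the programmed message, H(target)^x is reproduced without x.
    simulated_ok = power_without_secret(a, b, X, target) == pow(hash_eval(keys, target), x, P)
    # 3. On the other messages the trapdoor gives nothing (b(m) != 0).
    others_blocked = all(power_without_secret(a, b, X, m) is None for m in others)
    return {"consistent": consistent, "simulated_ok": simulated_ok,
            "others_blocked": others_blocked}


if __name__ == "__main__":
    print(demo())
```

The normal and trapdoor key generators yield identically distributed public keys (each h_i is uniform in the group either way), which is exactly what lets a proof swap one for the other; the paper's APHF keeps this idea but moves the function into a bilinear setting where only a secret-key holder evaluates it directly.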

[1] Matthew Green et al. Practical Adaptive Oblivious Transfer from Simple Assumptions, 2011, IACR Cryptol. ePrint Arch.

[2] Jonathan Katz et al. Signing a Linear Subspace: Signature Schemes for Network Coding, 2009, IACR Cryptol. ePrint Arch.

[3] Gilles Barthe et al. Automated Analysis of Cryptographic Assumptions in Generic Group Models, 2014, IACR Cryptol. ePrint Arch.

[4] Jacob T. Schwartz et al. Fast Probabilistic Algorithms for Verification of Polynomial Identities, 1980, J. ACM.

[5] Nuttapong Attrapadung et al. Homomorphic Network Coding Signatures in the Standard Model, 2011, Public Key Cryptography.

[6] Thomas Peters et al. Computing on Authenticated Data: New Privacy Definitions and Constructions, 2012, ASIACRYPT.

[7] Dan Boneh et al. Short Signatures Without Random Oracles, 2004, EUROCRYPT.

[8] Mehdi Tibouchi et al. Structure-Preserving Signatures from Type II Pairings, 2014, CRYPTO.

[9] Dan Boneh et al. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles, 2004, IACR Cryptol. ePrint Arch.

[10] Kenneth G. Paterson et al. Programmable Hash Functions in the Multilinear Setting, 2013, CRYPTO.

[11] Eike Kiltz et al. Programmable Hash Functions and Their Applications, 2008, Journal of Cryptology.

[12] Dan Boneh et al. Hierarchical Identity Based Encryption with Constant Size Ciphertext, 2005, EUROCRYPT.

[13] Dan Boneh et al. Linearly Homomorphic Signatures over Binary Fields and New Tools for Lattice-Based Signatures, 2011, Public Key Cryptography.

[14] Amit Sahai et al. Coding Constructions for Blacklisting Problems without Computational Assumptions, 1999, CRYPTO.

[15] Zhenfeng Zhang et al. Programmable Hash Functions from Lattices: Short Signatures and IBEs with Small Key Sizes, 2016, CRYPTO.

[16] Dawn Xiaodong Song et al. Homomorphic Signature Schemes, 2002, CT-RSA.

[17] Dario Fiore et al. Programmable Hash Functions Go Private: Constructions and Applications to (Homomorphic) Signatures with Shorter Public Keys, 2015, CRYPTO.

[18] Tibor Jager et al. Simple and Efficient Public-Key Encryption from Computational Diffie-Hellman in the Standard Model, 2010, Public Key Cryptography.

[19] Jonathan Katz et al. Secure Network Coding Over the Integers, 2010, IACR Cryptol. ePrint Arch.

[20] Bogdan Warinschi et al. Adaptive Pseudo-Free Groups and Applications, 2011, IACR Cryptol. ePrint Arch.

[21] Daniel Wichs et al. Leveled Fully Homomorphic Signatures from Standard Lattices, 2015, IACR Cryptol. ePrint Arch.

[22] M. Kasahara et al. A New Traitor Tracing, 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci.

[23] Michael Backes et al. Verifiable Delegation of Computation on Outsourced Data, 2013, CCS.

[24] Rosario Gennaro et al. Algebraic (Trapdoor) One-Way Functions and Their Applications, 2013, TCC.

[25] Elaine Shi et al. Adaptively Secure Fully Homomorphic Signatures Based on Lattices, 2014, IACR Cryptol. ePrint Arch.

[26] Goichiro Hanaoka et al. Two-Dimensional Representation of Cover Free Families and Its Applications: Short Signatures and More, 2012, CT-RSA.

[27] Brent Waters et al. Efficient Identity-Based Encryption Without Random Oracles, 2005, EUROCRYPT.

[28] Jacob C. N. Schuldt et al. On the Impossibility of Constructing Efficient Key Encapsulation and Programmable Hash Functions in Prime Order Groups, 2012, CRYPTO.

[29] Tibor Jager et al. Short Signatures From Weaker Assumptions, 2011, IACR Cryptol. ePrint Arch.

[30] Bogdan Warinschi et al. Efficient Network Coding Signatures in the Standard Model, 2012, Public Key Cryptography.

[31] David Mandell Freeman et al. Improved Security for Linearly Homomorphic Signatures: A Generic Framework, 2012, Public Key Cryptography.

[32] Matthew K. Franklin et al. Identity-Based Encryption from the Weil Pairing, 2001, CRYPTO.

[33] Thomas Peters et al. Efficient Completely Context-Hiding Quotable and Linearly Homomorphic Signatures, 2013, Public Key Cryptography.

[34] Bogdan Warinschi et al. Homomorphic Signatures with Efficient Verification for Polynomial Functions, 2014, CRYPTO.

[35] Abhi Shelat et al. Computing on Authenticated Data, 2012, Journal of Cryptology.

[36] Dan Boneh et al. Homomorphic Signatures for Polynomial Functions, 2011, EUROCRYPT.

[37] Richard Zippel et al. Probabilistic Algorithms for Sparse Polynomials, 1979, EUROSAM.

[38] P. Erdös et al. Families of Finite Sets in Which No Set Is Covered by the Union of r Others, 1985.

[39] Rosario Gennaro et al. Fully Homomorphic Message Authenticators, 2013, IACR Cryptol. ePrint Arch.