Abstract
A union-only signature (UOS) scheme (informally introduced by Johnson et al. at CT-RSA 2002) allows signers to sign sets of messages in such a way that (1) any third party can merge two signatures to derive a signature on the union of the message sets, and (2) no adversary, given a signature on some set, can derive a valid signature on any strict subset of that set (unless it has seen such a signature already). Johnson et al. originally posed building a UOS as an open problem. In this paper, we make two contributions: we give the first formal definition of a UOS scheme, and we give the first UOS constructions. Our main construction uses hashing, regular digital signatures, Pedersen commitments and signatures of knowledge. We provide an implementation that demonstrates its practicality. Our main construction also relies on the hardness of the short integer solution (SIS) problem; we show how that this assumption can be replaced with the use of groups of unknown order. Finally, we sketch a UOS construction using SNARKs; this additionally gives the property that the size of the signature does not grow with the number of merges. (A full version of this paper, with all proofs and preliminaries, is available on the ePrint Archive).
Original language | English |
---|---|
Title of host publication | Security and Cryptography for Networks - 13th International Conference, SCN 2022, Proceedings |
Editors | Clemente Galdi, Stanislaw Jarecki |
Number of pages | 24 |
Publisher | Springer |
Publication date | Sept 2022 |
Pages | 387-410 |
ISBN (Print) | 9783031147906 |
ISBN (Electronic) | 978-3-031-14791-3 |
DOIs | |
Publication status | Published - Sept 2022 |
Event | 13th Conference on Security and Cryptography For Networks - Almafi, Italy Duration: 12 Sept 2022 → 14 Sept 2022 https://scn.unisa.it/scn22/ |
Conference
Conference | 13th Conference on Security and Cryptography For Networks |
---|---|
Country/Territory | Italy |
City | Almafi |
Period | 12/09/2022 → 14/09/2022 |
Internet address |
Series | Lecture Notes in Computer Science |
---|---|
Volume | 13409 |
ISSN | 0302-9743 |
Keywords
- history-hiding
- homomorphic signatures
- software implementation
- union-only signature schemes