Graded Signatures

Motivated by the application of anonymous petitions, we formalize a new primitive called “graded signatures”, which enables a user to consolidate a set of signatures on a message m originating from l different signers that are members of a PKI. We call the value l∈N\documentclass[12pt]{minimal} \use...

Full description

Saved in:
Bibliographic Details
Published inInformation Security pp. 61 - 80
Main Authors Kiayias, Aggelos, Osmanoglu, Murat, Tang, Qiang
Format Book Chapter
LanguageEnglish
Published Cham Springer International Publishing
SeriesLecture Notes in Computer Science
Online AccessGet full text

Cover

Loading…
More Information
Summary:Motivated by the application of anonymous petitions, we formalize a new primitive called “graded signatures”, which enables a user to consolidate a set of signatures on a message m originating from l different signers that are members of a PKI. We call the value l∈N\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$l \in \mathbb {N}$$\end{document}, the grade of the consolidated signature. The resulting consolidated signature object on m reveals nothing more than the grade and the validity of the original signatures without leaking the identity of the signers. Further, we require that the signature consolidation is taken place in an unlinkable fashion so that neither the signer nor the CA of the PKI can tell whether a signature is used in a consolidation action. Beyond petitions, we demonstrate the usefulness of the new primitive by providing several other applications including delegation of signing rights adhering to dynamic threshold policies and issuing graded certificates in a multi-CA PKI setting. We present an efficient construction for graded signatures that relies on Groth-Sahai proofs and efficient arguments for showing that an integer belongs to a specified range. We achieve a linear in the grade signature size and verification time in this setting. Besides, we propose some extension that can support the certificate revocation by utilizing efficient non-membership proofs.
ISBN:9783319233178
3319233173
ISSN:0302-9743
1611-3349
DOI:10.1007/978-3-319-23318-5_4