Secure use of the BGLS [1] aggregate signature schemes is restricted to the aggregation of distinct messages (for the basic scheme) or per-signer distinct messages (for the enhanced, prepend-public-key version of the scheme). We argue that these restrictions preclude interesting applications, make usage of the schemes error-prone and are generally undesirable in practice. Via a new analysis and proof, we show how the restrictions can be lifted, yielding the first truly unrestricted aggregate signature scheme. Via another new analysis and proof, we show that the distinct signer restriction on the sequential aggregate signature schemes of [2] can also be dropped, yielding an unrestricted sequential aggregate signature scheme. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Bellare, M., Namprempre, C., & Neven, G. (2007). Unrestricted aggregate signatures. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4596 LNCS, pp. 411–422). Springer Verlag. https://doi.org/10.1007/978-3-540-73420-8_37
Mendeley helps you to discover research relevant for your work.