A multicast communication source often needs to securely verify which multicast group members have received a message, but verification of individually signed acknowledgments from each member would impose a significant computation and communication cost. As pointed out by Nicolosi and Mazieres [NM04], such cost is minimized if the intermediate nodes along the multicast distribution tree aggregate the individual signatures generated by the multicast receivers into a single multisignature. While the solution of [NM04], based on a multisignature scheme of Boldyreva [Bol03], relied on so-called "Gap Diffie-Hellman" groups, we propose a solution using a multisignature scheme which is secure under just the discrete logarithm assumption. However, unlike the previously known discrete-log based multisignature scheme of Micali et al. [MOR01a], our multisignature scheme is robust, which allows for an efficient multisignature generation even in the presence of (possibly malicious) node and communication failures. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Castelluccia, C., Jarecki, S., Kim, J., & Tsudik, G. (2005). A robust multisignature scheme with applications to acknowledgement aggregation. In Lecture Notes in Computer Science (Vol. 3352, pp. 193–207). Springer Verlag. https://doi.org/10.1007/978-3-540-30598-9_14
Mendeley helps you to discover research relevant for your work.