Non-interactive CDH-based multisignature scheme in the plain public key model with tighter security

Abstract

A multisignature scheme allows an ad hoc set of users to sign a message so that the resulting single signature certifies that the users endorsed the message. However, all known multisignatures are either at the price of complexity and additional trust of Certificate Authority (CA), or sacrificing efficiency of computation and communication (including both bandwidth and round). This paper proposes a new multisignature scheme with efficient verification in the plain public key model. Our multisignatures enjoys the most desired features: (1) Our plain public key model-based multisignatures do not impose any impractical key setup or PKI requirements; (2) Our multisignature scheme is non-interactive, which saves computation and communication in signature generation; (3) Through pre-computation, our scheme achieves verification in the plain public key model; (4) Provable tighter security under the standard CDH assumption ensures high level of security in both practice and theory. Hence, our non-interactive multisignatures are of great use in authentication of routes in networks. © 2011 Springer-Verlag.