Ordered multisignatures and identity-based sequential aggregate signatures, with applications to secure routing

Published: 28 October 2007
DOI: 10.1145/1315245.1315280

Abstract

We construct new multiparty signature schemes that allow multiple signers to sequentially produce a compact, fixed-length signature simultaneously attesting to the message(s) they want to sign. First, we introduce a new primitive that we call ordered multisignatures (OMS), which allow signers to attest to a common message as well as the order in which they signed. Our OMS construction substantially improves computational efficiency over any existing scheme with comparable functionality. Second, we design a new identity-based sequential aggregate signature scheme, where signers can attest to different messages and signature verification does not require knowledge of traditional public keys. The latter property permits savings on bandwidth and storage as compared to public-key solutions. In contrast to the only prior scheme to provide this functionality, ours offers improved security that does not rely on synchronized clocks or a trusted first signer. Security proofs according to the corresponding security definitions and under appropriate computational assumptions are provided for all the proposed schemes. We give several applications of our schemes to secure network routing, and we believe that they will find many other applications as well.

Published in: CCS '07: Proceedings of the 14th ACM Conference on Computer and Communications Security, October 2007, 628 pages. ISBN 9781595937032, DOI 10.1145/1315245.

Publisher: Association for Computing Machinery, New York, NY, United States.

    Publication History

    Published: 28 October 2007

    Permissions

    Request permissions for this article.

    Check for updates

    Qualifiers

    • Article

Conference: CCS07, 14th ACM Conference on Computer and Communications Security 2007, Alexandria, Virginia, USA.

Acceptance rate: CCS '07 accepted 55 of 302 submissions (18%); overall CCS acceptance rate 1,261 of 6,999 submissions (18%).