TY - GEN
T1 - A Tightly Secure DDH-based Multisignature with Public-Key Aggregation
AU - Fukumitsu, Masayuki
AU - Hasegawa, Shingo
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/11
Y1 - 2020/11
N2 - From the birth of the blockchain technology, multisignatures attract much attention as a tool for handling blockchain transactions. Concerning the application to the blockchain, multisignatures with public-key aggregation, which can compress public keys of signers to a single public key, is preferable to the standard multisignature because the public keys and the signature used in a transaction are stored to verify the transaction later. Several multisignature schemes with public key aggregation are proposed, however, there are no known schemes having a tight security reduction.We propose a first multisignature with public-key aggregation whose security is proven to be tightly secure under the DDH assumption in the random oracle model. Our multisignature is based on the DDH-based multisignature by Le, Yang, and Ghorbani, however, our security proof is different from theirs. The idea of our security proof originates from another DDH-based multisignature by Le, Bonnecaze, and Gabillon whose security proof is tightly one. By tailoring their security proof to a setting which admits the public-key aggregation, we can prove the tight security of our multisignature.
AB - From the birth of the blockchain technology, multisignatures attract much attention as a tool for handling blockchain transactions. Concerning the application to the blockchain, multisignatures with public-key aggregation, which can compress public keys of signers to a single public key, is preferable to the standard multisignature because the public keys and the signature used in a transaction are stored to verify the transaction later. Several multisignature schemes with public key aggregation are proposed, however, there are no known schemes having a tight security reduction.We propose a first multisignature with public-key aggregation whose security is proven to be tightly secure under the DDH assumption in the random oracle model. Our multisignature is based on the DDH-based multisignature by Le, Yang, and Ghorbani, however, our security proof is different from theirs. The idea of our security proof originates from another DDH-based multisignature by Le, Bonnecaze, and Gabillon whose security proof is tightly one. By tailoring their security proof to a setting which admits the public-key aggregation, we can prove the tight security of our multisignature.
KW - Blockchain
KW - DDH Assumption
KW - Key Aggregation
KW - Multisignature
KW - Tight Security
UR - http://www.scopus.com/inward/record.url?scp=85102202159&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85102202159&partnerID=8YFLogxK
U2 - 10.1109/CANDARW51189.2020.00069
DO - 10.1109/CANDARW51189.2020.00069
M3 - Conference contribution
AN - SCOPUS:85102202159
T3 - Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020
SP - 321
EP - 327
BT - Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th International Symposium on Computing and Networking Workshops, CANDARW 2020
Y2 - 24 November 2020 through 27 November 2020
ER -