International Association for Cryptologic Research

International Association
for Cryptologic Research


Signatures with Flexible Public Key: Introducing Equivalence Classes for Public Keys

Michael Backes
Lucjan Hanzlik
Kamil Kluczniak
Jonas Schneider
DOI: 10.1007/978-3-030-03329-3_14
Search ePrint
Search Google
Presentation: Slides
Conference: ASIACRYPT 2018
Abstract: We introduce a new cryptographic primitive called signatures with flexible public key $$(\mathsf{SFPK})$$. We divide the key space into equivalence classes induced by a relation $$\mathcal {R}$$. A signer can efficiently change his or her key pair to a different representatives of the same class, but without a trapdoor it is hard to distinguish if two public keys are related. Our primitive is motivated by structure-preserving signatures on equivalence classes ($$\mathsf{SPS\text {-}EQ}$$), where the partitioning is done on the message space. Therefore, both definitions are complementary and their combination has various applications.We first show how to efficiently construct static group signatures and self-blindable certificates by combining the two primitives. When properly instantiated, the result is a group signature scheme that has a shorter signature size than the current state-of-the-art scheme by Libert, Peters, and Yung from Crypto’15, but is secure in the same setting.In its own right, our primitive has stand-alone applications in the cryptocurrency domain, where it can be seen as a straightforward formalization of so-called stealth addresses. Finally, it can be used to build the first efficient ring signature scheme in the plain model without trusted setup, where signature size depends only sub-linearly on the number of ring members. Thus, we solve an open problem stated by Malavolta and Schröder at ASIACRYPT’2017.
  title={Signatures with Flexible Public Key: Introducing Equivalence Classes for Public Keys},
  booktitle={Advances in Cryptology – ASIACRYPT 2018},
  series={Lecture Notes in Computer Science},
  author={Michael Backes and Lucjan Hanzlik and Kamil Kluczniak and Jonas Schneider},