An Equivalence Between Attribute-Based Signatures and Homomorphic Signatures, and New Constructions for Both
نویسنده
چکیده
In Attribute-Based Signatures (ABS; first defined by Maji, Prabhakaran and Rosulek, CTRSA 2011) an authority can generate multiple signing keys, where each key is associated with a constraint f . A key respective to f can sign a message x only if f(x) = 0. The security requirements are unforgeability and key privacy (signatures should not expose the specific signing key used). In Homomorphic Signatures (HS; first defined by Boneh and Freeman, PKC 2011), given a signature for a data-set x, one can evaluate a signature for the pair (f(x), f), for functions f . In context-hiding HS, evaluated signatures do not reveal information about the pre-evaluated signature. In this work we start by showing that these two notions are in fact equivalent. The first implication of this equivalence is a new lattice-based ABS scheme for polynomial-depth circuits, based on the HS construction of Gorbunov, Vaikuntanathan and Wichs (GVW; STOC 2015). We then construct a new ABS candidate from a worst case lattice assumption (SIS), with different parameters. Using our equivalence again, now in the opposite direction, our new ABS implies a new lattice-based HS scheme with different parameter trade-off, compared to the aforementioned GVW. ∗Weizmann Institute of Science, [email protected]. Supported by the Israel Science Foundation (Grant No. 468/14) and Binational Science Foundation (Grant No. 712307).
منابع مشابه
Parametrization of Pedestrian Injuries and its Utilisation in Proving Traffic Accidents Course Using Injury Signatures and Contact Signatures
Background: The paper points out the present limited possibility of using the verbal description of injuries for the needs of experts from the field of road transportation as relevant criminalistics traces, as well as the options of the FORTIS system that creates a new area for a deeper interdisciplinary approach in the field of expert evidence. Further a description of how to create injury si...
متن کاملBounded Fully Homomorphic Signature Schemes
Homomorphic signatures enable anyone to publicly perform computations on signed data and produce a compact tag to authenticate the results. In this paper, we construct two bounded fully homomorphic signature schemes, as follows. – For any two polynomials d = d(λ), s = s(λ), where λ is the security parameter. Our first scheme is able to evaluate any circuit on the signatures, as long as the dept...
متن کاملComputing on Authenticated Data for Adjustable Predicates
The notion of P-homomorphic signatures, introduced by Ahn et al. (TCC 2012), generalizes various approaches for public computations on authenticated data. For a given predicate P anyone can derive a signature for a message m′ from the signatures of a set of messages M , as long as P(M,m′) = 1. This definition hence comprises notions and constructions for concrete predicates P such as homomorphi...
متن کاملExploring Gene Signatures in Different Molecular Subtypes of Gastric Cancer (MSS/ TP53+, MSS/TP53-): A Network-based and Machine Learning Approach
Gastric cancer (GC) is one of the leading causes of cancer mortality, worldwide. Molecular understanding of GC’s different subtypes is still dismal and it is necessary to develop new subtype-specific diagnostic and therapeutic approaches. Therefore developing comprehensive research in this area is demanding to have a deeper insight into molecular processes, underlying these subtypes. In this st...
متن کاملA Zoo of Homomorphic Signatures: Multi-Key and Key-Homomorphism
Homomorphic signatures (HS) allow evaluation of signed messages by producing a signature on a function of messages signed by the same key. Motivated by the vast potential of applications, we initiate the study of multi-key HS (M-HS) which allows evaluation of signatures under different keys. We also study other multi-key extensions, namely, hierarchical HS (M-HiHS) for delegation of signing pow...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2017 شماره
صفحات -
تاریخ انتشار 2017