Functional signatures: new definition and constructions
Functional signatures (FS) enable a master authority to delegate its signing privilege to an assistant. Concretely, the master authority uses its secret key sk(F) to issue a signing key sk(f) for a designated function f is an element of F-FS and sends both f and sk(f) to the assistant E, which is th...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2021
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7298 https://ink.library.smu.edu.sg/context/sis_research/article/8301/viewcontent/222301.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8301 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-83012022-09-29T07:40:01Z Functional signatures: new definition and constructions GUO, Qingwen HUANG, Qiong MA, Sha XIAO, Meiyan YANG, Guomin SUSILO, Willy Functional signatures (FS) enable a master authority to delegate its signing privilege to an assistant. Concretely, the master authority uses its secret key sk(F) to issue a signing key sk(f) for a designated function f is an element of F-FS and sends both f and sk(f) to the assistant E, which is then able to compute a signature sigma(f) with respect to pk(F) for a message y in the range of f. In this paper, we modify the syntax of FS slightly to support the application scenario where a certificate of authorization is necessary. Compared with the original FS, our definition requires that F-FS is an injective function family and for any f(0), f(1) is an element of F-FS there does not exist an intersection between range(f(0)) and range(f(1)). Accordingly, we redefine the security of FS and introduce two additional security notions, called unlinkability and accountability. Signatures sigma(f) in our definition do not expose the intention of the master authority. We propose two constructions of FS. The first one is a generic construction based on signatures with perfectly re-randomizable keys, non-interactive zero-knowledge proof (NIZK) and traditional digital signatures, and the other is based on RSA (Rivest-Shamir- Adleman) signatures with full domain hash and NIZK. We prove that both schemes are secure under the given security models. 2021-12-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7298 info:doi/10.1007/s11432-019-2855-3 https://ink.library.smu.edu.sg/context/sis_research/article/8301/viewcontent/222301.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University cloud computation security digital signature functional signature non-interactive zeroknowledge proof e-commerce E-Commerce Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
cloud computation security digital signature functional signature non-interactive zeroknowledge proof e-commerce E-Commerce Information Security |
| spellingShingle |
cloud computation security digital signature functional signature non-interactive zeroknowledge proof e-commerce E-Commerce Information Security GUO, Qingwen HUANG, Qiong MA, Sha XIAO, Meiyan YANG, Guomin SUSILO, Willy Functional signatures: new definition and constructions |
| description |
Functional signatures (FS) enable a master authority to delegate its signing privilege to an assistant. Concretely, the master authority uses its secret key sk(F) to issue a signing key sk(f) for a designated function f is an element of F-FS and sends both f and sk(f) to the assistant E, which is then able to compute a signature sigma(f) with respect to pk(F) for a message y in the range of f. In this paper, we modify the syntax of FS slightly to support the application scenario where a certificate of authorization is necessary. Compared with the original FS, our definition requires that F-FS is an injective function family and for any f(0), f(1) is an element of F-FS there does not exist an intersection between range(f(0)) and range(f(1)). Accordingly, we redefine the security of FS and introduce two additional security notions, called unlinkability and accountability. Signatures sigma(f) in our definition do not expose the intention of the master authority. We propose two constructions of FS. The first one is a generic construction based on signatures with perfectly re-randomizable keys, non-interactive zero-knowledge proof (NIZK) and traditional digital signatures, and the other is based on RSA (Rivest-Shamir- Adleman) signatures with full domain hash and NIZK. We prove that both schemes are secure under the given security models. |
| format |
text |
| author |
GUO, Qingwen HUANG, Qiong MA, Sha XIAO, Meiyan YANG, Guomin SUSILO, Willy |
| author_facet |
GUO, Qingwen HUANG, Qiong MA, Sha XIAO, Meiyan YANG, Guomin SUSILO, Willy |
| author_sort |
GUO, Qingwen |
| title |
Functional signatures: new definition and constructions |
| title_short |
Functional signatures: new definition and constructions |
| title_full |
Functional signatures: new definition and constructions |
| title_fullStr |
Functional signatures: new definition and constructions |
| title_full_unstemmed |
Functional signatures: new definition and constructions |
| title_sort |
functional signatures: new definition and constructions |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2021 |
| url |
https://ink.library.smu.edu.sg/sis_research/7298 https://ink.library.smu.edu.sg/context/sis_research/article/8301/viewcontent/222301.pdf |
| _version_ |
1770576307088785408 |