2011 | OriginalPaper | Chapter
Commuting Signatures and Verifiable Encryption
Author : Georg Fuchsbauer
Published in: Advances in Cryptology – EUROCRYPT 2011
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Verifiable encryption allows one to encrypt a signature while preserving its public verifiability. We introduce a new primitive called
commuting signatures and verifiable encryption
that extends this in multiple ways, such as enabling encryption of both signature and message while proving validity. More importantly, given a ciphertext, a signer can create a verifiably encrypted signature on the encrypted (unknown) message, which leads to the same result as first signing the message and then verifiably encrypting the message/signature pair; thus, signing and encrypting commute. Our instantiation is based on the recently introduced
automorphic signatures
and Groth-Sahai proofs, which we show to be homomorphic. We also prove a series of other properties and provide a novel approach to simulation.
As an application, we give an instantiation of
delegatable anonymous credentials
, a primitive introduced by Belenkiy et al. Our construction is arguably simpler than theirs and it is the first to provide
non-interactive
(and thus concurrently secure) issuing and delegation protocols, which are significantly more efficient. Moreover, the size of our credentials and the cost of verification are less than half of those of the previous instantiation. All our constructions are proven secure in the standard model under known non-interactive assumptions.