A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Transitive Signatures Based on Factoring and RSA
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Transitive signatures: new schemes and proofs
IEEE Transactions on Information Theory
Sampling from Signed Quadratic Residues: RSA Group Is Pseudofree
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Bounded vector signatures and their applications
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Short transitive signatures for directed trees
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Computing on authenticated data
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
A new definition of homomorphic signature for identity management in mobile cloud computing
Journal of Computer and System Sciences
Slight Homomorphic Signature for Access Controlling in Cloud Computing
Wireless Personal Communications: An International Journal
Hi-index | 5.23 |
Transitive signatures allow a signer to authenticate edges in a graph, in such a way that anyone, given the public key and two signatures on adjacent edges (i,j) and (j,k), can compute a third signature on edge (i,k). A number of schemes have been proposed for undirected graphs, but the case of directed graphs remains an open problem. At CT-RSA 2007, Yi presented a scheme for directed trees based on RSA and a standard signature scheme. We present a new, conceptually simple, and generic construction from standard signatures only. Apart from not relying on any RSA-related security assumptions, our scheme outperforms that of Yi in both computation time and (worst-case) signature length. Our results indicate that the setting envisaged by Yi is much simpler than the general one of directed transitive signatures, which remains an open problem.