Append-only signatures

  • Authors:
  • Eike Kiltz;Anton Mityagin;Saurabh Panjwani;Barath Raghavan

  • Affiliations:
  • Department of Computer Science and Engineering, University of California, San Diego;Department of Computer Science and Engineering, University of California, San Diego;Department of Computer Science and Engineering, University of California, San Diego;Department of Computer Science and Engineering, University of California, San Diego

  • Venue:
  • ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

We present a new primitive – Append-only Signatures (AOS) – with the property that any party given an AOS signature Sig[M1] on message M1 can compute Sig[M1 || M2] for any message M2, where M1 || M2 is the concatenation of M1 and M2. We define the security of AOS, present concrete AOS schemes, and prove their security under standard assumptions. In addition, we find that despite its simple definition, AOS is equivalent to Hierarchical Identity-based Signatures (HIBS) through efficient and security-preserving reductions. Finally, we show direct applications of AOS to problems in network security. Our investigations indicate that AOS is both useful in practical applications and worthy of further study as a cryptographic primitive.