A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing - Special issue on cryptography
Accountable-subgroup multisignatures: extended abstract. CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Identity-Based Encryption from the Weil Pairing. CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Short Signatures from the Weil Pairing. ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes. PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Aggregate and verifiably encrypted signatures from bilinear maps. EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Secure Border Gateway Protocol (S-BGP). IEEE Journal on Selected Areas in Communications
Practical Short Signature Batch Verification. CT-RSA '09 Proceedings of the Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Server-aided signatures verification secure against collusion attack. Information Security Tech. Report
Recently, Boneh et al. proposed the concept of an aggregate signature, introduced security models for such signatures, and presented some applications. An aggregate signature scheme is a digital signature scheme that supports aggregation: given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into a single short signature. This single signature, along with the n original messages, will convince verifiers that the n users did indeed sign the n original messages respectively, i.e., user i signed message M_i for i = 1, ..., n. In this paper, however, we find that their security model has some defects. The capabilities of the adversaries were constrained according to the standard security definition of signatures. We propose an improvement of Boneh's scheme by presenting a new security model and giving a formal proof in the random oracle model.