Practical Round-Optimal Blind Signatures in the ROM from Standard Assumptions

OPEN ACCESS

Downloads

Full text (submitted version) (PDF, 719.82 KB)

Author / Producer

Katsumata, Shuichi Reichle, Michael Sakai, Yusuke

Date

2023

Publication Type

Conference Paper

ETH Bibliography

no

Citations

Altmetric
OPEN ACCESS

Downloads

Full text (submitted version) (PDF, 719.82 KB)

Data

Rights / License

In Copyright - Non-Commercial Use Permitted north_east

Abstract

Blind signatures serve as a foundational tool for privacy-preserving applications and have recently seen renewed interest due to new applications in blockchains and privacy-authentication tokens. With this, constructing practical round-optimal (i.e., signing consists of the minimum two rounds) blind signatures in the random oracle model (ROM) has been an active area of research, where several impossibility results indicate that either the ROM or a trusted setup is inherent. In this work, we present two round-optimal blind signatures under standard assumptions in the ROM with different approaches: one achieves the smallest sum of the signature and communication sizes, while the other achieves the smallest signature size. Both of our instantiations are based on standard assumptions over asymmetric pairing groups, i.e., CDH, DDH, and/or SXDH. Our first construction is a highly optimized variant of the generic blind signature construction by Fischlin (CRYPTO’06) and has signature and communication sizes 447 B and 303 B, respectively. We progressively weaken the building blocks required by Fischlin and we result in the first blind signature where the sum of the signature and communication sizes fit below 1 KB based on standard assumptions. Our second construction is a semi-generic construction from a specific class of randomizable signature schemes that admits an all-but-one reduction. The signature size is only 96 B while the communication size is 2.2 KB. This matches the previously known smallest signature size while improving the communication size by several orders of magnitude. Finally, both of our constructions rely on a (non-black box) fine-grained analysis of the forking lemma that may be of independent interest.

Permanent link

https://doi.org/10.3929/ethz-b-000645372

Publication status

published

External links

https://doi.org/10.1007/978-981-99-8724-5_12 north_east

Editor

Guo, Jian north_east Steinfeld, Ron north_east

Book title

Advances in Cryptology – ASIACRYPT 2023

Journal / series

Volume

14439

Pages / Article No.

383 - 417

Publisher

Springer

Event

29th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2023)

Edition / version

Methods

Software

Geographic location

Date collected

Date created

Subject

Organisational unit

09693 - Hofheinz, Dennis / Hofheinz, Dennis check_circle

Notes

Funding

Related publications and datasets

More

Show all metadata