Practical Short Signature Batch Verification

Ferrara, Anna Lisa, Green, Matthew, Hohenberger, Susan and Pedersen, Michael Østergaard (2009) Practical Short Signature Batch Verification At Topics in Cryptology - The Cryptographers' Track at the RSA Conference, United States. 20 - 24 Apr 2009. , pp. 309-324.


[img] PDF CT-RSA09.pdf - Version of Record
Download (388kB)


In many applications, it is desirable to work with digital signatures that are short, and yet where many messages from different signers be verified very quickly. RSA signatures satisfy the latter condition, but are generally thousands of bits in length. Recent developments in pairing-based cryptography produced a number of “short” signatures which provide equivalent security in a fraction of the space. Unfortunately, verifying these signatures is computationally intensive due to the expensive pairing operation. Toward achieving “short and fast” signatures, Camenisch, Hohenberger and Pedersen (Eurocrypt 2007) showed how to batch verify two pairing-based schemes so that the total number of pairings was independent of the number of signatures to verify. In this work, we present both theoretical and practical contributions. On the theoretical side, we introduce new batch verifiers for a wide variety of regular, identity-based, group, ring and aggregate signature schemes. These are the first constructions for batching group signatures, which answers an open problem of Camenisch et al. On the practical side, we implement each of these algorithms and compare each batching algorithm to doing individual verifications. Our goal is to test whether batching is practical; that is, whether the benefits of removing pairings significantly outweigh the cost of the additional operations required for batching, such as group membership testing, randomness generation, and additional modular exponentiations and multiplications. We experimen- tally verify that the theoretical results of Camenisch et al. and this work, indeed, provide an efficient, effective approach to verifying multiple signatures from (possibly) different signers.

Item Type: Conference or Workshop Item (Paper)
Additional Information: Event Dates: April 20-24, 2009
Venue - Dates: Topics in Cryptology - The Cryptographers' Track at the RSA Conference, United States, 2009-04-20 - 2009-04-24
Organisations: Electronic & Software Systems
ePrint ID: 272477
Date :
Date Event
April 2009Published
Date Deposited: 15 Jun 2011 16:10
Last Modified: 17 Apr 2017 17:44
Further Information:Google Scholar

Actions (login required)

View Item View Item