Welcome to the resource topic for 2020/979
Title:
Mercurial Signatures for Variable-Length Messages
Authors: Elizabeth C. Crites, Anna Lysyanskaya
Abstract:Mercurial signatures are a useful building block for privacy-preserving schemes, such as anonymous credentials, delegatable anonymous credentials, and related applications. They allow a signature \sigma on a message m under a public key \mathsf{pk} to be transformed into a signature \sigma' on an equivalent message m' under an equivalent public key \mathsf{pk}' for an appropriate notion of equivalence. For example, \mathsf{pk} and \mathsf{pk}' may be unlinkable pseudonyms of the same user, and m and m' may be unlinkable pseudonyms of a user to whom some capability is delegated. The only previously known construction of mercurial signatures suffers a severe limitation: in order to sign messages of length n, the signer’s public key must also be of length n. In this paper, we eliminate this restriction and provide a signing protocol that admits messages of any length. This significantly improves the applicability of mercurial signatures to chains of anonymous credentials.
ePrint: https://eprint.iacr.org/2020/979
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .