RT Journal Article
A1 Sebastian Meiser
AD Information Security Group, Department of Computer Science, University College London, London, UK
A1 Dominique Schröder
AD Chair of Applied Cryptography, Faculty of Engineering, Friedrich-Alexander University Erlangen-Nürnberg, Nürnberg, Germany

PB iet
T1 Delegatable functional signatures
JN IET Information Security
VO 12
IS 3
SP 194
OP 206
AB The authors introduce delegatable functional signatures (DFS) which support the delegation of signing capabilities to another party, called the evaluator, with respect to a functionality F . In a DFS, the signer of a message can choose an evaluator, specify how the evaluator can modify the signature without voiding its validity, allow additional input, and decide how the evaluator can further delegate its capabilities. Technically, DFS unify several seemingly different signature primitives, including functional signatures and policy-based signatures, sanitisable signatures, identity-based signatures, and blind signatures. The authors characterise the instantiability of DFS with respect to the corresponding security notions of unforgeability and privacy. On the positive side, they show that privacy-free DFS can be constructed from one-way functions. Furthermore, they show that unforgeable and private DFS can be constructed from doubly-enhanced trapdoor permutations. On the negative side, they show that the previous result is optimal regarding its underlying assumptions. Their impossibility result shows that unforgeable private DFS cannot be constructed from one-way permutations.
K1 signature primitives
K1 DFS
K1 doubly-enhanced trapdoor permutations
K1 blind signatures
K1 sanitisable signatures
K1 policy-based signatures
K1 identity-based signatures
K1 delegatable functional signatures
DO https://doi.org/10.1049/iet-ifs.2017.0082
UL https://digital-library.theiet.org/;jsessionid=2j0g554a76nc7.x-iet-live-01content/journals/10.1049/iet-ifs.2017.0082
LA English
SN 1751-8709
YR 2018
OL EN