%0 Electronic Article
%A Sebastian Meiser
%+ Information Security Group, Department of Computer Science, University College London, London, UK
%A Dominique Schröder
%+ Chair of Applied Cryptography, Faculty of Engineering, Friedrich-Alexander University Erlangen-Nürnberg, Nürnberg, Germany
%K signature primitives
%K DFS
%K doubly-enhanced trapdoor permutations
%K blind signatures
%K sanitisable signatures
%K policy-based signatures
%K identity-based signatures
%K delegatable functional signatures
%X The authors introduce delegatable functional signatures (DFS) which support the delegation of signing capabilities to another party, called the evaluator, with respect to a functionality F . In a DFS, the signer of a message can choose an evaluator, specify how the evaluator can modify the signature without voiding its validity, allow additional input, and decide how the evaluator can further delegate its capabilities. Technically, DFS unify several seemingly different signature primitives, including functional signatures and policy-based signatures, sanitisable signatures, identity-based signatures, and blind signatures. The authors characterise the instantiability of DFS with respect to the corresponding security notions of unforgeability and privacy. On the positive side, they show that privacy-free DFS can be constructed from one-way functions. Furthermore, they show that unforgeable and private DFS can be constructed from doubly-enhanced trapdoor permutations. On the negative side, they show that the previous result is optimal regarding its underlying assumptions. Their impossibility result shows that unforgeable private DFS cannot be constructed from one-way permutations.
%@ 1751-8709
%T Delegatable functional signatures
%B IET Information Security
%D May 2018
%V 12
%N 3
%P 194-206
%I Institution of Engineering and Technology
%U https://digital-library.theiet.org/;jsessionid=29yau982sllgr.x-iet-live-01content/journals/10.1049/iet-ifs.2017.0082
%G EN