[Cryptography] Aggregate signatures
Steve Weis
steveweis at gmail.com
Sun Jun 8 21:54:53 EDT 2014
Hi. First off, the paper you linked to is a student's final semester
project. I don't know how solid it is. You may want to check out the
Boneh, Lynn, Gentry & Shacham aggregate signature scheme from:
http://eprint.iacr.org/2002/175
There is an unrestricted version proven secure by Bellare, Namprempre
and Neven here: http://eprint.iacr.org/2006/285
To my knowledge, none of this is standardized. As for library support,
the Relic Toolkit from Diego F. Aranha may have the support you'd
need, although I haven't looked at it closely:
https://code.google.com/p/relic-toolkit/
Ben Lynn's PBC library also offers similar support, but I've been told
that Relic is more modern and better maintained:
http://crypto.stanford.edu/pbc/
I don't know of anyone using these in production or real world
applications, but would be interested in hearing about any examples. I
do know there has been some interest from the Bitcoin community in
aggregate signatures that are fast to verify.
On Sun, Jun 8, 2014 at 2:47 AM, xor <crypto at idlecore.com> wrote:
> I'm a programmer, I need a way to have several people sign the same
> message, and then send that message to several other people. I'd like to
> be able to scale 'several people' to up to a million, so a list of
> individual signatures doesn't work so well. I'm not sure what
> cryptographic tool I require, but I'm looking into aggregate signatures.
> Something like this:
>
> http://theory.stanford.edu/~dfreeman/cs259c-f11/finalpapers/aggregatesigs.pdf
>
> I couldn't find however a single implementation, I couldn't find one in
> openssl, nss, or anywhere else. Does anyone know of a decent
> implementation? Does anyone know if there is even a standard?
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
More information about the cryptography
mailing list