Matrioska: A Compiler for Multi-key Homomorphic Signatures

Dario Fiore; Elena Pagnin

doi:10.1007/978-3-319-98113-0_3

Matrioska: A Compiler for Multi-key Homomorphic Signatures

Research output: Chapter in Book/Report/Conference proceeding › Paper in conference proceeding › peer-review

Abstract

Multi-Key Homomorphic Signatures (MK-HS) enable clients in a system to sign and upload messages to an untrusted server. At any later point in time, the server can perform a computation C on data provided by t different clients, and return the output y and a short signature σC,y vouching for the correctness of y as the output of the function C on the signed data. Interestingly, MK-HS enable verifiers to check the validity of the signature using solely the public keys of the signers whose messages were used in the computation. Moreover, the signatures σC,y are succinct, namely their size depends at most linearly in the number of clients, and only logarithmically in the total number of inputs of C . Existing MK-HS are constructed based either on standard assumptions over lattices (Fiore et al. ASIACRYPT’16), or on non-falsifiable assumptions (SNARKs) (Lai et al., ePrint’16). In this paper, we investigate connections between single-key and multi-key homomorphic signatures. We propose a generic compiler, called Matrioska, which turns any (sufficiently expressive) single-key homomorphic signature scheme into a multi-key scheme. Matrioska establishes a formal connection between these two primitives and is the first alternative to the only known construction under standard falsifiable assumptions. Our result relies on a novel technique that exploits the homomorphic property of a single-key HS scheme to compress an arbitrary number of signatures from t different users into only t signatures.

Original language	English
Title of host publication	Security and Cryptography for Networks
Subtitle of host publication	11th International Conference, SCN 2018, Amalfi, Italy, September 5–7, 2018, Proceedings
Editors	Dario Catalano, Roberto De Prisco
Publisher	Springer
Pages	43-62
ISBN (Electronic)	978-3-319-98113-0
ISBN (Print)	978-3-319-98112-3
DOIs	https://doi.org/10.1007/978-3-319-98113-0_3
Publication status	Published - 2018
Externally published	Yes
Event	11th International Conference on Security and Cryptography for Networks, SNC 2018 - Amalfi, Italy Duration: 2018 Sept 5 → 2018 Sept 7

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	11035
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	11th International Conference on Security and Cryptography for Networks, SNC 2018
Country/Territory	Italy
City	Amalfi
Period	2018/09/05 → 2018/09/07

Subject classification (UKÄ)

Computer Sciences

Access to Document

10.1007/978-3-319-98113-0_3

Cite this

Fiore, D., & Pagnin, E. (2018). Matrioska: A Compiler for Multi-key Homomorphic Signatures. In D. Catalano, & R. De Prisco (Eds.), Security and Cryptography for Networks: 11th International Conference, SCN 2018, Amalfi, Italy, September 5–7, 2018, Proceedings (pp. 43-62). (Lecture Notes in Computer Science; Vol. 11035). Springer. https://doi.org/10.1007/978-3-319-98113-0_3

@inproceedings{24aa26683f4c49fa950addf943f4ac3f,

title = "Matrioska: A Compiler for Multi-key Homomorphic Signatures",

abstract = "Multi-Key Homomorphic Signatures (MK-HS) enable clients in a system to sign and upload messages to an untrusted server. At any later point in time, the server can perform a computation C on data provided by t different clients, and return the output y and a short signature σC,y vouching for the correctness of y as the output of the function C on the signed data. Interestingly, MK-HS enable verifiers to check the validity of the signature using solely the public keys of the signers whose messages were used in the computation. Moreover, the signatures σC,y are succinct, namely their size depends at most linearly in the number of clients, and only logarithmically in the total number of inputs of C . Existing MK-HS are constructed based either on standard assumptions over lattices (Fiore et al. ASIACRYPT{\textquoteright}16), or on non-falsifiable assumptions (SNARKs) (Lai et al., ePrint{\textquoteright}16). In this paper, we investigate connections between single-key and multi-key homomorphic signatures. We propose a generic compiler, called Matrioska, which turns any (sufficiently expressive) single-key homomorphic signature scheme into a multi-key scheme. Matrioska establishes a formal connection between these two primitives and is the first alternative to the only known construction under standard falsifiable assumptions. Our result relies on a novel technique that exploits the homomorphic property of a single-key HS scheme to compress an arbitrary number of signatures from t different users into only t signatures.",

author = "Dario Fiore and Elena Pagnin",

year = "2018",

doi = "10.1007/978-3-319-98113-0_3",

language = "English",

isbn = "978-3-319-98112-3",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "43--62",

editor = "Catalano, {Dario } and {De Prisco}, Roberto",

booktitle = "Security and Cryptography for Networks",

address = "Germany",

note = "11th International Conference on Security and Cryptography for Networks, SNC 2018 ; Conference date: 05-09-2018 Through 07-09-2018",

}

Fiore, D & Pagnin, E 2018, Matrioska: A Compiler for Multi-key Homomorphic Signatures. in D Catalano & R De Prisco (eds), Security and Cryptography for Networks: 11th International Conference, SCN 2018, Amalfi, Italy, September 5–7, 2018, Proceedings. Lecture Notes in Computer Science, vol. 11035, Springer, pp. 43-62, 11th International Conference on Security and Cryptography for Networks, SNC 2018, Amalfi, Italy, 2018/09/05. https://doi.org/10.1007/978-3-319-98113-0_3

Matrioska: A Compiler for Multi-key Homomorphic Signatures. / Fiore, Dario; Pagnin, Elena.
Security and Cryptography for Networks: 11th International Conference, SCN 2018, Amalfi, Italy, September 5–7, 2018, Proceedings. ed. / Dario Catalano; Roberto De Prisco. Springer, 2018. p. 43-62 (Lecture Notes in Computer Science; Vol. 11035).

Research output: Chapter in Book/Report/Conference proceeding › Paper in conference proceeding › peer-review

TY - GEN

T1 - Matrioska: A Compiler for Multi-key Homomorphic Signatures

AU - Fiore, Dario

AU - Pagnin, Elena

PY - 2018

Y1 - 2018

N2 - Multi-Key Homomorphic Signatures (MK-HS) enable clients in a system to sign and upload messages to an untrusted server. At any later point in time, the server can perform a computation C on data provided by t different clients, and return the output y and a short signature σC,y vouching for the correctness of y as the output of the function C on the signed data. Interestingly, MK-HS enable verifiers to check the validity of the signature using solely the public keys of the signers whose messages were used in the computation. Moreover, the signatures σC,y are succinct, namely their size depends at most linearly in the number of clients, and only logarithmically in the total number of inputs of C . Existing MK-HS are constructed based either on standard assumptions over lattices (Fiore et al. ASIACRYPT’16), or on non-falsifiable assumptions (SNARKs) (Lai et al., ePrint’16). In this paper, we investigate connections between single-key and multi-key homomorphic signatures. We propose a generic compiler, called Matrioska, which turns any (sufficiently expressive) single-key homomorphic signature scheme into a multi-key scheme. Matrioska establishes a formal connection between these two primitives and is the first alternative to the only known construction under standard falsifiable assumptions. Our result relies on a novel technique that exploits the homomorphic property of a single-key HS scheme to compress an arbitrary number of signatures from t different users into only t signatures.

AB - Multi-Key Homomorphic Signatures (MK-HS) enable clients in a system to sign and upload messages to an untrusted server. At any later point in time, the server can perform a computation C on data provided by t different clients, and return the output y and a short signature σC,y vouching for the correctness of y as the output of the function C on the signed data. Interestingly, MK-HS enable verifiers to check the validity of the signature using solely the public keys of the signers whose messages were used in the computation. Moreover, the signatures σC,y are succinct, namely their size depends at most linearly in the number of clients, and only logarithmically in the total number of inputs of C . Existing MK-HS are constructed based either on standard assumptions over lattices (Fiore et al. ASIACRYPT’16), or on non-falsifiable assumptions (SNARKs) (Lai et al., ePrint’16). In this paper, we investigate connections between single-key and multi-key homomorphic signatures. We propose a generic compiler, called Matrioska, which turns any (sufficiently expressive) single-key homomorphic signature scheme into a multi-key scheme. Matrioska establishes a formal connection between these two primitives and is the first alternative to the only known construction under standard falsifiable assumptions. Our result relies on a novel technique that exploits the homomorphic property of a single-key HS scheme to compress an arbitrary number of signatures from t different users into only t signatures.

U2 - 10.1007/978-3-319-98113-0_3

DO - 10.1007/978-3-319-98113-0_3

M3 - Paper in conference proceeding

SN - 978-3-319-98112-3

T3 - Lecture Notes in Computer Science

SP - 43

EP - 62

BT - Security and Cryptography for Networks

A2 - Catalano, Dario

A2 - De Prisco, Roberto

PB - Springer

T2 - 11th International Conference on Security and Cryptography for Networks, SNC 2018

Y2 - 5 September 2018 through 7 September 2018

ER -

Matrioska: A Compiler for Multi-key Homomorphic Signatures

Abstract

Publication series

Conference

Subject classification (UKÄ)

Access to Document

Fingerprint

Cite this