Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [bls-signature]

The Boneh-Lynn-Shacham Signature scheme is a scheme where multiple signatures can be combined into one and verified given a public key, the data to be verified and a single combined signature.

The BLS signature scheme is being standardized in Verifiable Random Functions (VRFs) - draft-irtf-cfrg-vrf-05. A short explanation can be found here (cryptologie.net).

54 questions
5
votes
1 answer

Compressing BLS signature with a hash function

It seems to me, that it should be possible to hash BLS signature to achieve significant space saving. Here is how it could work: Assuming we have a pairing-friendly elliptic curve with two generator points $G_1$ and $G_2$. Let's say my public key is…
irakliy
  • 969
  • 7
  • 16
4
votes
1 answer

How is a BLS Private Key generated? What are the different names for the parts?

relic, the library used by the majority of BLS implementations, is rather difficult to build cross-platform. Because of this, I've been looking for other pure BLS implementations that don't rely on C - and I've found one in Go and another in…
coolaj86
  • 193
  • 1
  • 5
0
votes
0 answers

Does BLS aggregating signatures allow duplicate signatures?

If there is a message $m_1$ that $H(m_1) \rightarrow g^r$ and there is another message $m_2$ that $H(m_2) \rightarrow g^k$, where $g^k$ is also a generator of $G$, is this possible? then $g^r$ could equal $(g^k)^m$, where $m < p$, $p$ is the order…
Ray James
  • 45
  • 5
0
votes
0 answers

Look for a signature method similar to proxy resigning

The tag of a file is generated by the user's private key, which includes the file data, the file identifier and other contents. Is there any signature algorithm that can modify the file identifier information and regenerate the file signature under…
nan gan
  • 1
0
votes
1 answer

How is BLS secure against adaptive selection message attacks when the message is known?

Maybe the below question is similar to what I was thinking, but I don't understand: Is BLS signature scheme strongly unforgeable? Below is the attack method I was thinking of. If know m, can't create a new signature from it? sk is secret key pk is…
user212942
  • 209
  • 1
  • 7