Abstract :
At Eurocrypt’06, Lu et al. presented the first Sequential aggregate signature (SAS) provably secure without random oracles. The drawback of their scheme is that users need long public keys and the security model makes the Knowledge of secure key (KOSK) assumption. We present the first SAS scheme, which the user needs short public keys and the security is proven without random oracles, in the plain public key model. We also present the first Multisignature (MS) scheme in the plain public key model, which the security is proven without random oracles.
