public interface StructurePreservingSignatureEQScheme extends MultiMessageStructurePreservingSignatureScheme
This is a special case of a multi-message signature scheme because SPS-EQ additionally supports a change of the representative of the equivalence class that is signed.
See paper [1] for the definition of SPS-EQ.
[1] Georg Fuchsbauer and Christian Hanser and Daniel Slamanig, "Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials", in Cryptology ePrint Archive, Report 2014/944, 2014.
| Modifier and Type | Method and Description |
|---|---|
Signature |
chgRep(Signature signature,
org.cryptimeleon.math.structures.rings.zn.Zn.ZnElement mu,
VerificationKey publicKey)
Returns a signature for the new representative computed based on the previous representative and the given
scalar
mu. |
PlainText |
chgRepMessage(PlainText plainText,
org.cryptimeleon.math.structures.rings.zn.Zn.ZnElement mu)
Computes and returns the new representative computed based on the previous representative
plainText
and the given scalar mu. |
Signature |
chgRepWithVerify(PlainText plainText,
Signature signature,
org.cryptimeleon.math.structures.rings.zn.Zn.ZnElement mu,
VerificationKey publicKey)
Same as
chgRep(Signature, Zn.ZnElement, VerificationKey) but verifies the signature before
changing representative. |
sign, sign, verify, verifygenerateKeyPair, generateKeyPairsign, sign, verify, verifygetMaxNumberOfBytesForMapToPlaintext, mapToPlaintext, mapToPlaintext, restoreFromRepresentation, restorePlainText, restoreSignature, restoreSigningKey, restoreVerificationKey, sign, sign, verify, verifySignature chgRep(Signature signature, org.cryptimeleon.math.structures.rings.zn.Zn.ZnElement mu, VerificationKey publicKey)
mu.
If you have not yet verified the signature on the plaintext under the given verification key, use
chgRepWithVerify(PlainText, Signature, Zn.ZnElement, VerificationKey) instead.
This method returns a signature matching the new representative of \([M]_R\), where \(M\) is the orignal plaintext.
The new representative of \([M]_R\) is supposed to be generated externally by using \(M\) and element \(\mu\).
The matching signature \(\sigma'\) for the new representative \(\mu \cdot M\) of \([M]_R\) is computed such that
verify(M.pow(), sigma') == true.
See paper [1] for details.
Signature chgRepWithVerify(PlainText plainText, Signature signature, org.cryptimeleon.math.structures.rings.zn.Zn.ZnElement mu, VerificationKey publicKey)
chgRep(Signature, Zn.ZnElement, VerificationKey) but verifies the signature before
changing representative.plainText under publicKey,
else a valid signature on the new representativechgRep(Signature, Zn.ZnElement, VerificationKey)