Towards Stronger Functional Signatures

Preprint, 2021

Functional digital Signatures (FS) schemes introduced by Boyle, Goldwasser and Ivan (PKC 2014) provide a method to generate fine-grained digital signatures in which a master key-pair $(\msk,\mvk)$ is used to generate a signing secret-key $\sk_\function$ for a function $f$ that allows to sign any message $\msg$ into the message $f(\msg)$ and signature $\sigma$.
The verification algorithm takes the master verification-key $\mvk$ and checks that the signature $\sigma$ corresponding to $f(\msg)$ is valid.
In this paper, we enhance the FS primitive by introducing a function public-key $\pk_f$ that acts as a commitment for the specific signing key $\sk_f$. This public-key is used during the verification phase and guarantees that the message-signature pair is indeed the result generated by employing the specific key $\sk_f$ in the signature phase, a property not achieved by the original FS scheme.

This enhanced FS scheme is defined as Strong Functional Signatures (SFS) for which we define the properties of unforgeability as well as the function hiding property.
Finally, we provide an unforgeable, function hiding SFS instance in the random oracle model based on Boneh-Lynn-Shacham signature scheme (ASIACRYPT 2001) and Fiore-Gennaro's publicly verifiable computation scheme (CCS 2012).