Malleable Signatures: New Definitions and Delegatable Anonymous Credentials

Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, Sarah Meiklejohn

Research output: Chapter in Book/Report/Conference proceedingConference contribution


A signature scheme is malleable if, on input a message and a signature, it is possible to efficiently compute a signature on a related message, for a transformation that is allowed with respect to this signature scheme. In this paper, we first provide new definitions for malleable signatures that allow us to capture a broader range of transformations than was previously possible. We then give a generic construction based on malleable zero-knowledge proofs that allows us to construct malleable signatures for a wide range of transformation classes, with security properties that are stronger than those that have been achieved previously. Finally, we construct delegatable anonymous credentials from signatures that are malleable with respect to an appropriate class of transformations (that we show our malleable signature supports). The resulting instantiation satisfies a stronger security notion than previous schemes while also scaling linearly with the number of delegations.
Original languageEnglish
Title of host publicationIEEE 27th Computer Security Foundations Symposium, CSF 2014, Vienna, Austria, 19-22 July, 2014
Number of pages15
ISBN (Electronic)978-1-4799-4290-9
Publication statusPublished - 20 Nov 2014
Event27th IEEE Computer Security Foundations Symposium (CSF) - Vienna, Austria
Duration: 19 Jul 201422 Jul 2014


Conference27th IEEE Computer Security Foundations Symposium (CSF)
Abbreviated titleCSF2014
Internet address

Cite this