Batch Signatures, Revisited.

Carlos Aguilar Melchor, Martin R. Albrecht, Thomas Bailleux, Nina Bindel, James Howe, Andreas Hülsing, David Joseph, Marc Manzano

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review


We revisit batch signatures (previously considered in a draft RFC and used in multiple recent works), where a single, potentially expensive, “inner” digital signature authenticates a Merkle tree constructed from many messages. We formalise a construction and prove its unforgeability and privacy properties. We also show that batch signing allows us to scale slow signing algorithms, such as those recently selected for standardisation as part of NIST’s post-quantum project, to high throughput, with a mild increase in latency and demonstrate the practical efficiency of batch signing in the context of TLS. For the example of Falcon-512 in TLS, we can increase the amount of connections per second by a factor 3.2, at the cost of an increase in the signature size by 14% and the median latency by 25%; both run on the same 30 core server. For SPHINCS-128, throughput improves by a factor 4.6, with a negligible impact on signature size and an 11% impact on median latency. We also discuss applications where batch signatures allow us to increase throughput and to save bandwidth. For example, again for 16 Falcon-512 signatures, once one batch signature is available, the additional bandwidth for each of the remaining is only 82 bytes.

Originele taal-2Engels
TitelTopics in Cryptology – CT-RSA 2024 - Cryptographers’ Track at the RSA Conference 2024, Proceedings
RedacteurenElisabeth Oswald
Aantal pagina's24
StatusGepubliceerd - 2024

Publicatie series

NaamLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume14643 LNCS
ISSN van geprinte versie0302-9743
ISSN van elektronische versie1611-3349

Bibliografische nota

DBLP License: DBLP's bibliographic metadata records provided through are distributed under a Creative Commons CC0 1.0 Universal Public Domain Dedication. Although the bibliographic metadata records are provided consistent with CC0 1.0 Dedication, the content described by the metadata records is not. Content may be subject to copyright, rights of privacy, rights of publicity and other restrictions.


Duik in de onderzoeksthema's van 'Batch Signatures, Revisited.'. Samen vormen ze een unieke vingerafdruk.

Citeer dit