Signature Renewal for Low Entropy Data

摘要

We consider the problem of publicly authenticating low entropy data, or even data which vary slightly over time, with an assurance on their freshness at the time of authentication. While traditional digital signatures can be used, it is always interesting to decrease the computation costs of a signature generation. This is particularly true when authentication of a value is requested on a frequent or regular basis. In this paper, we investigate how we can amortize the cost of an asymmetric signature scheme by the use of cryptographic hash-based data structures. For this purpose, we revisit data structures that were previously used for certificate revocation and micro-payment, namely Merkle trees and QuasiModo trees. We thus propose two lightweight signature schemes amortizing the use of a traditional signature scheme. The first one refreshes at low cost the validity period of a signature, assuming we are able to estimate the number of consecutive validity periods over which the data will not change. The second scheme does not require any prediction and refreshes both the validity and the value to authenticate. Finally, optimization trade-offs and the use of a weak hash function are discussed.