Shorter double-authentication preventing signatures for small address spaces.

A recent paper by Derler, Ramacher, and Slamanig (IEEE EuroSu0026P 2018) constructs double-authentication preventing signatures (“DAP signatures”, a specific self-enforcement enabled variant of signatures where messages consist of an address and a payload) that have—if the supported address space is not too large—keys and signatures that are considerably more compact than those of prior work. We embark on their approach to restrict attention to small address spaces and construct novel DAP schemes that beat their signature size by a factor of five and reduce the signing key size from linear to constant (the verification key size remains almost the same). We construct our DAP signatures generically from identification protocols, using a transform similar to but crucially different from that of Fiat and Shamir. We use random oracles. We don’t use pairings.