Functional encryption, as introduced by Boneh, Sahai, and Waters (TCC'11),
generalizes public-key encryption systems to include functional decryption
capabilities. Recently, Boyle et al. as well as Bellare and
Fuchsbauer (both PKC'14) formalized analogous notions for signature schemes. Here
we discuss that both their notions are limited in terms of expressiveness in the
sense that they cannot cast known signature schemes supporting operations on
data in their frameworks. We therefore propose a notion of what we call, for
sake of distinctiveness, operational signature schemes which captures
functional signatures, policy-based signatures, sanitizable signatures, P-homomorphic signatures, ring
signatures, aggregate signatures etc., and also their message authentication code counterparts.
We discuss possible instantiations for operational signatures.
We give some positive result about achieving our general notion of operational signatures presenting a
compact construction that relies on a new combination of indistinguishability
obfuscation and random oracles. We then indicate that it is unlikely to be able to instantiate
operational signature schemes in general using one-wayness and, under some
circumstances, even using specific ``non-interactive'' assumptions like RSA.
↧