Authorized function homomorphic signature
Homomorphic signature (HS) is a novel primitive that allows an agency to carry out arbitrary (polynomial time) computation f on the signed data→m and accordingly gain a signature σh for the computation result f (→m ) with respect to f on behalf of the data owner (DO). However, since DO lacks control of the agency's behavior, receivers would believe that DO did authenticate the computation result even if the agency misbehaves and applies a function that the DO does not want. To address the problem above, in this paper we introduce a new primitive called authorized function homomorphic signature (AFHS). In AFHS, the agency has to obtain a confidence key skf from DO in order to evaluate a function f on the data→m and to obtain a signature with which one can check whether the agency acts in accordance with DO's instructions. A black-box construction of AFHS based on HS is given in this paper, and we show that if the underlying primitives are secure, so is our construction under the given security model. Moreover, we provide a somewhat concrete construction that offers stronger security guarantee.