Generated by GPT-5-mini

| BLS signatures | |
|---|---|
| Name | BLS signatures |
| Type | Cryptographic signature scheme |
| Introduced | 2004 |
| Designer | Dan Boneh; Ben Lynn; Hovav Shacham |
| Based on | Pairing-based cryptography |
| Applications | Blockchains; Distributed systems; Threshold cryptography |

BLS signatures

BLS signatures are a pairing-based public-key signature scheme introduced in 2004 by Dan Boneh, Ben Lynn, and Hovav Shacham that enables short signatures and novel aggregation capabilities. The scheme builds on pairings over elliptic curves and has influenced research and deployment among Stanford University-linked cryptographers and in projects across Ethereum, Zcash, and threshold systems. Its combination of succinctness and aggregate verification has led to widespread study in academic venues such as CRYPTO, EUROCRYPT, and ASIACRYPT.
The scheme was proposed by researchers affiliated with Stanford University, RSA Laboratories, and other institutions during a period of active work on pairing-based cryptography alongside efforts by teams at IBM Research, Microsoft Research, and University of California, Berkeley. Early demonstrations compared BLS to alternatives like the RSA signature and the Elliptic Curve Digital Signature Algorithm used in systems influenced by National Institute of Standards and Technology standards and implementations at organizations such as OpenSSL and GNU Privacy Guard.
BLS relies on bilinear pairings defined on groups derived from elliptic curves that were examined in research from groups at University of Waterloo, Shanghai Jiao Tong University, and Korea Advanced Institute of Science and Technology. The mathematical primitives underpinning BLS draw on properties studied in contexts related to the Weil pairing, the Tate pairing, and curve selections influenced by work at Certicom Research and standards discussions at IETF. Security assumptions for the scheme are frequently stated in terms of the Computational Diffie–Hellman problem and the related Gap Diffie–Hellman setting that were analyzed in theoretical papers authored by scholars from MIT, Princeton University, and ETH Zurich.
The scheme's key generation, signing, and verification algorithms were formalized in the original paper and later adapted for different pairings used in deployments by teams at Protocol Labs, Parity Technologies, and ConsenSys. In the canonical construction a private key exponent corresponds to an element in a scalar field used by curves such as those standardized by SEC (Standards for Efficient Cryptography), while the public key is a group element on an associated curve as used in implementations influenced by BoringSSL and libsodium. Signature aggregation—combining multiple signatures into one short element—was highlighted in comparisons with multi-signature proposals from researchers at Cornell University and collaboration projects involving Google engineers on aggregate verification techniques.
Provable security analyses of the scheme were published in proceedings of CRYPTO and EUROCRYPT and involve reductions to assumptions like the co-Computational Diffie–Hellman and Computational co-Diffie–Hellman problems studied by cryptographers at IBM Research and Microsoft Research. Security proofs commonly reference the random oracle model, a framework developed in foundational work by researchers at Bell Labs and employed in follow-up analyses by teams at Columbia University and University of California, San Diego. Attack models considered by the community include rogue-key attacks discussed in workshops involving authors from IACR and mitigations such as explicit public-key binding proposed by contributors at Stanford University and MIT.
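
The key generation, signing, verification and aggregation steps described above, together with the rogue-key problem and a proof-of-possession check as one form of public-key binding, as an added example that is not code from the original paper or any library. It assumes a toy group in which every element is stored as its discrete log modulo a constructed prime `Q`, so it shows only the algebra and offers no security; all function names are hypothetical.

```python
import hashlib

# Toy bilinear group (constructed for illustration, NOT secure): every element of
# G1, G2 and GT is stored as its discrete log mod Q, so the group operation is
# addition, scalar multiplication is multiplication, and e(a, b) = a*b mod Q.
Q = 2**61 - 1   # Mersenne prime, arbitrary constructed group order
G1 = 1          # generator of G1 in log form

def pairing(p1, p2):                   # e(g1^a, g2^b) = gT^(a*b)
    return (p1 * p2) % Q

def hash_to_g2(msg, tag=b"SIG"):       # stand-in for hash-to-curve; tag separates domains
    return int.from_bytes(hashlib.sha256(tag + msg).digest(), "big") % Q

def keygen(seed):                      # sk in [1, Q-1], pk = g1^sk
    sk = int.from_bytes(hashlib.sha256(b"KEY" + seed).digest(), "big") % (Q - 1) + 1
    return sk, (sk * G1) % Q

def sign(sk, msg, tag=b"SIG"):         # sigma = H(m)^sk
    return (sk * hash_to_g2(msg, tag)) % Q

def verify(pk, msg, sig, tag=b"SIG"):  # accept iff e(g1, sigma) == e(pk, H(m))
    return pairing(G1, sig) == pairing(pk, hash_to_g2(msg, tag))

def aggregate(elems):                  # product of group elements (sum in log form)
    return sum(elems) % Q

def fast_aggregate_verify(pks, msg, agg_sig):  # every signer signed the same message
    return verify(aggregate(pks), msg, agg_sig)

def pop_prove(sk, pk):                 # proof of possession: sign your own public key
    return sign(sk, pk.to_bytes(8, "big"), tag=b"POP")

def pop_verify(pk, proof):
    return verify(pk, pk.to_bytes(8, "big"), proof, tag=b"POP")

def demo():
    msg = b"block 42"                  # constructed sample message
    keys = [keygen(bytes([i])) for i in range(3)]
    pks = [pk for _, pk in keys]
    honest_ok = fast_aggregate_verify(pks, msg, aggregate([sign(sk, msg) for sk, _ in keys]))
    # Rogue key: g1^x / pk_victim, built from the victim's PUBLIC key only. The
    # aggregate key collapses to g1^x, so the victim's signature is never needed.
    x, gx = keygen(b"rogue")
    rogue_pk = (gx - pks[0]) % Q
    forged_ok = fast_aggregate_verify([pks[0], rogue_pk], msg, sign(x, msg))
    # Mitigation: admit a key into aggregation only with a valid proof of possession.
    pop_honest = pop_verify(pks[0], pop_prove(*keys[0]))
    pop_rogue = pop_verify(rogue_pk, pop_prove(x, rogue_pk))  # x is not rogue_pk's secret
    return honest_ok, forged_ok, pop_honest, pop_rogue
```

`demo()` returns `(True, True, True, False)`: the unbound aggregate accepts a signature the first signer never made, while the proof-of-possession check refuses the rogue key at registration.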
Several extensions and variants have been proposed by researchers at institutions including University College London, Ecole Polytechnique Fédérale de Lausanne, and University of Illinois Urbana–Champaign. These include threshold variants inspired by secret sharing schemes from Shamir and multisignature adaptations related to work from Blockstream-adjacent engineers and consortia such as Hyperledger. Protocol-level adaptations for batched verification, signature aggregation across signers, and distinct hashing-to-curve instantiations trace to contributions from researchers at University of Tokyo, Tsinghua University, and standardization efforts in groups like the IETF and CFRG.
Open-source implementations and libraries maintained by communities associated with Ethereum Foundation, Zcash Company, Filecoin, and other projects provide production code paths and benchmarks. Curve and pairing choices used in implementations reference curves such as those from the BN curve family and compare performance measured on platforms from Intel Corporation and ARM Holdings hardware, with optimizations influenced by compilers like GCC and Clang. Implementations are subject to audits by firms including Trail of Bits and Least Authority and have been integrated into toolchains and SDKs provided by organizations such as Parity Technologies and Consensys.
Adoption spans permissionless and permissioned systems including protocols developed by teams at Ethereum Foundation, Algorand, Filecoin, and research projects at Cornell University and Princeton University. Use cases include compact certificate systems researched at Google, aggregate attestations in distributed ledgers championed by Ethereum 2.0 design teams, and threshold signing services deployed by custodial providers in fintech firms associated with Coinbase and Binance. The scheme also appears in academic projects and standards discussions hosted by IETF and in workshops at conferences such as USENIX and NDSS.