University of Ljubljana
One of the recommended principles of sound cryptographic design is key separation, meaning that keys used for one purpose (e.g. encryption) should not be used for another purpose (e.g. signing). The reason is that, even if the individual uses are secure, the joint usage could be insecure. This paper shows, to the contrary, that there are important applications where key reuse is not only desirable but crucial to maintain security, and that when done \"Right\" it works. The authors offer key-versatile signatures as a general tool to enable signing with existing keys already in use for another purpose, without adding key materiel and while maintaining security of both the new and the old usage of the keys.