DOI: 10.3390/jcp6040108 ISSN: 2624-800X

Account-Holding Proofs Across Multiple Authorities from JWT-Derived Evidence Using RSA-Based Synchronized Aggregate Signatures

Kenta Nomura, Tsunekazu Saito, Masaki Kamizono, Yoshiaki Shiraishi

This paper proposes a model for account-holding proofs across multiple authorities and presents a concrete construction from JWT-derived evidence, enabling a verifier to evaluate the resulting artifact under specified system assumptions and acceptance policies. Conventional account linkage approaches often depend on particular identity providers (IdPs) or linkage mechanisms and may expose or correlate more credential information than is necessary for the verifier’s policy. To address this, we formalize a scheme-agnostic abstract model and organize its security, disclosure-related, and deployment requirements. As a concrete instantiation, we apply an RSA-based synchronized aggregate signature scheme to encoded messages derived from the RS256 preprocessing step of JWT signing inputs. The resulting artifact is not a standard JWT and is not intended for direct verification by existing JWT/OIDC verifiers; rather, it provides a single aggregate signature component over multiple JWT-derived evidence items. Through analytical and prototype-based evaluation, we show that the signature-component data to be presented is reduced from n individual components to a single aggregate component and that the exponentiation applied to the presented signature component is reduced from O(n) to O(1), while the overall verification remains dominated by per-message public-key terms. The results of prototype implementation indicate that aggregate verification is not faster than ordinary RS256 JWT verification under the evaluated parameters; therefore, the construction is better suited to one-time or low-frequency account-holding proof scenarios in which the additional latency is tolerable.

More from our Archive