Practical dynamic group signatures without knowledge extractors

Kim, Hyoseung; Sanders, Olivier; Abdalla, Michel; Park, Jong

doi:10.1007/s10623-022-01129-w

Cited by 5 publications

(4 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In comparison to the definition of existential unforgeability (see Definition A.13), A has access to the random oracle 𝐻 , and the signing oracle is modified to follow the new syntax. The PS scheme in the RO model is existentially unforgeable under the generalized PS assumption proposed in [38,39]. Structure-Preserving Signature (SPS) scheme.…”

Section: Prmentioning

confidence: 99%

Compact and Divisible E-Cash with Threshold Issuance

Rial¹,

Piotrowska²

2023

Preprint

View full text Add to dashboard Cite

Decentralized, offline, and privacy-preserving e-cash could fulfil the need for both scalable and byzantine fault-resistant payment systems. Existing offline anonymous e-cash schemes are unsuitable for distributed environments due to a central bank. We construct a distributed offline anonymous e-cash scheme, in which the role of the bank is performed by a quorum of authorities, and present its two instantiations. Our first scheme is compact, i.e. the cost of the issuance protocol and the size of a wallet are independent of the number of coins issued, but the cost of payment grows linearly with the number of coins spent. Our second scheme is divisible and thus the cost of payments is also independent of the number of coins spent, but the verification of deposits is more costly. We provide formal security proof of both schemes and compare the efficiency of their implementations.

show abstract

Section: Prmentioning

confidence: 99%

Compact and Divisible E-Cash with Threshold Issuance

Rial¹,

Piotrowska²

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Since the introduction of GS [21], a number of GS schemes have been constructed to address various issues such as performance [8], formal security definitions [3], [4], a general framework [13], and revocation for dynamic membership [8], [23], as well as constructions without random oracles [26] and removal of knowledge-extractors [34].…”

Section: B Related Workmentioning

confidence: 99%

Dynamic Anonymous Credential Systems With Controllable Anonymity and Unlinkability

Hwang

2023

IEEE Access

View full text Add to dashboard Cite

In the paper we present novel anonymous credential schemes that provide controllable opening and linking capability. In a normal situation, signers are allowed to prove their possession of attributes of credentials anonymously and in a user-controllable way. The proof can demonstrate that certified claims hold with a desired privacy level, such as proving that age is within a certain value or a predefined range. However, in case of misbehaviors or for accountability, the identity of a signer can be revealed or signatures can be anonymously linked using opening and linking keys, respectively. The proposed scheme is designed to work for dynamic credential management allowing for the issuance of new credentials and proper revocation. To prove the security of the proposed anonymous credential scheme, we first define a security model to capture basic properties, anonymity, traceability, non-frameability, and controllable unlinkability. We then demonstrate that it satisfies all these properties under the standard assumption, i.e., q-strong Diffie-Hellman assumption in the random oracle model. Finally we provide a performance analysis of our scheme in terms of signature size and basic signing and verifying operations. Additionally, we present empirical results to show that the performance of our scheme is reasonably efficient.INDEX TERMS Privacy, anonymous credential, controllable unlinkability, dynamic membership, zeroknowledge proof.

show abstract

“…(e.g. sequential aggregate signature [32,31], redactable signature [31,34], threshold signature [3], group signature [13,24,25,35,36], threshold group signature [8], multi-signature [8], updatable signature [12]) Moreover, relationships between the PS signature and the structure-preserving signature have been studied.…”

Section: Related Workmentioning

confidence: 99%

“…Kim et al [24] proved that the GPS assumption holds in the generic group model. Moreover, Kim, Sanders, Abdalla, and Park [25] analyzed the relationship among the PS assumption, the GPS assumption, and the symmetric discrete logarithm assumption. More precisely, from their result, the following facts are clarified.…”

Section: Bilinear Groupmentioning

confidence: 99%

Improved Security Proof for the Camenisch-Lysyanskaya Signature-Based Synchronized Aggregate Signature Scheme

Tezuka¹,

Tanaka²

2020

Information Security and Privacy

View full text Add to dashboard Cite

Synchronized aggregate signature is a special type of signature that all signers have a synchronized time period and allows aggregating signatures which are generated in the same period. This signature has a wide range of applications for systems that have a natural reporting period such as log and sensor data, or blockchain protocol. In CT-RSA 2016, Pointcheval and Sanders proposed the new randomizable signature scheme. Since this signature scheme is based on type-3 pairing, this signature achieves a short signature size and efficient signature verification. In this paper, we design the Pointchcval-Sanders signature-based synchronized aggregate signature scheme and prove its security under the generalized Pointcheval-Sanders assumption in the random oracle model. Our scheme offers the most efficient aggregate signature verification among synchronized aggregate signature schemes based on bilinear groups.

show abstract

Practical dynamic group signatures without knowledge extractors

Cited by 5 publications

References 45 publications

Compact and Divisible E-Cash with Threshold Issuance

Compact and Divisible E-Cash with Threshold Issuance

Dynamic Anonymous Credential Systems With Controllable Anonymity and Unlinkability

Improved Security Proof for the Camenisch-Lysyanskaya Signature-Based Synchronized Aggregate Signature Scheme

Contact Info

Product

Resources

About