research-article

Practical Group-Signatures with Privacy-Friendly Openings

Authors:

Christoph StriecksAuthors Info & Claims

ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security

Article No.: 10, Pages 1 - 10

https://doi.org/10.1145/3339252.3339256

Published: 26 August 2019 Publication History

Abstract

Group signatures allow creating signatures on behalf of a group, while remaining anonymous. To prevent misuse, there exists a designated entity, named the opener, which can revoke anonymity by generating a proof which links a signature to its creator. Still, many intermediate cases have been discussed in the literature, where not the full power of the opener is required, or the users themselves require the power to claim (or deny) authorship of a signature and (un-)link signatures in a controlled way. However, these concepts were only considered in isolation.

We unify these approaches, supporting all these possibilities simultaneously, providing fine-granular openings, even by members. Namely, a member can prove itself whether it has created a given signature (or not), and can create a proof which makes two created signatures linkable (or unlinkable resp.) in a controlled way. Likewise, the opener can show that a signature was not created by a specific member and can prove whether two signatures stem from the same signer (or not) without revealing anything else. Combined, these possibilities can make full openings irrelevant in many use-cases. This has the additional benefit that the requirements on the reachability of the opener are lessened. Moreover, even in the case of an involved opener, our framework is less privacy-invasive, as the opener no longer requires access to the signed message.

Our provably secure black-box CCA-anonymous construction with dynamic joins requires only standard building blocks. We prove its practicality by providing a performance evaluation of a concrete instantiation, and show that our non-optimized implementation is competitive compared to other, less feature-rich, notions.

References

[1]

M. Abe, S. S. M. Chow, K. Haralambiev, and M. Ohkubo. Double-trapdoor anonymous tags for traceable signatures. Int. J. Inf. Sec., 12(1):19--31, 2013.

Digital Library

[2]

M. Abe, J. Groth, K. Haralambiev, and M. Ohkubo. Optimal Structure-Preserving Signatures in Asymmetric Bilinear Groups. In CRYPTO, 2011.

Digital Library

[3]

G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik. A Practical and Provably Secure Coalition-Resistant Group Signature Scheme. In CRYPTO, pages 255--270, 2000.

Digital Library

[4]

F. Baldimtsi, J. Camenisch, M. Dubovitskaya, A. Lysyanskaya, L. Reyzin, K. Samelin, and S. Yakoubov. Accumulators with applications to anonymity-preserving revocation. In EuroS&P, pages 301--315, 2017.

[5]

M. Bellare, D. Micciancio, and B. Warinschi. Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions. In EUROCRYPT, pages 614--629, 2003.

Digital Library

[6]

M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In CCS, pages 62--73, 1993.

Digital Library

[7]

M. Bellare, H. Shi, and C. Zhang. Foundations of group signatures: The case of dynamic groups. In CT-RSA, pages 136--153, 2005.

Digital Library

[8]

D. Bernhard, O. Pereira, and B. Warinschi. How Not to Prove Yourself: Pitfalls of the Fiat-Shamir Heuristic and Applications to Helios. In ASIACRYPT, pages 626--643, 2012.

Digital Library

[9]

P. Bichsel, J. Camenisch, G. Neven, N. P. Smart, and B. Warinschi. Get shorty via group signatures without encryption. In SCN, pages 381--398, 2010.

Digital Library

[10]

Arne Bilzhause, Manuel Huber, Henrich C. Pöhls, and Kai Samelin. Cryptographically enforced four-eyes principle. In ARES, pages 760--767. IEEE Computer Society, 2016.

[11]

O. Blazy, D. Derler, D. Slamanig, and R. Spreitzer. Non-interactive plaintext (in-)equality proofs and group signatures with verifiable controllable linkability. In CT-RSA, pages 127--143, 2016.

Digital Library

[12]

O. Blazy and D. Pointcheval. Traceable signature with stepping capabilities. In Cryptography and Security: From Theory to Applications - Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th Birthday, pages 108--131, 2012.

Digital Library

[13]

J. Bootle, A. Cerulli, P. Chaidos, E. Ghadafi, and J. Groth. Foundations of Fully Dynamic Group Signatures. In ACNS, pages 117--136, 2016.

[14]

E. F. Brickell, J. Camenisch, and L. Chen. Direct anonymous attestation. In CCS, pages 132--145, 2004.

Digital Library

[15]

J. Camenisch, S. Krenn, A. Lehmann, G. L. Mikkelsen, G. Neven, and M. Ø. Pedersen. Formal treatment of privacy-enhancing credential systems. In SAC, pages 3--24, 2015.

Digital Library

[16]

J. Camenisch and A. Lysyanskaya. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Crypto, pages 61--76, 2002.

Digital Library

[17]

J. Camenisch and M. Stadler. Efficient group signature schemes for large groups (extended abstract). In Crypto, pages 410--424, 1997.

Digital Library

[18]

D. Chaum and E. van Heyst. Group Signatures. In EUROCRYPT, pages 257--265, 1991.

Digital Library

[19]

A. Fiat and A. Shamir. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In CRYPTO, pages 186--194, 1986.

Digital Library

[20]

T. El Gamal. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In CRYPTO, pages 10--18, 1984.

Digital Library

[21]

L. Garms and A. Lehmann. Group signatures with selective linkability. In PKC, pages 190--220, 2019.

Digital Library

[22]

H. Ge and S. R. Tate. Traceable signature: Better efficiency and beyond. In ICCSA, Part III, pages 327--337, 2006.

Digital Library

[23]

J. Y. Hwang, A. Lee, B.-H. Chung, H. S. Cho, and D. Nyang. Group signatures with controllable linkability for dynamic membership. Inf. Sci., 222:761--778, 2013.

Digital Library

[24]

A. Ishida, K. Emura, G. Hanaoka, Y. Sakai, and K. Tanaka. Group Signature with Deniability: How to Disavow a Signature. In CANS, pages 228--244, 2016.

Digital Library

[25]

A. Kiayias, Y. Tsiounis, and M. Yung. Traceable signatures. In Eurocrypt, pages 571--589, 2004.

[26]

A. Kiayias and M. Yung. Secure scalable group signature with dynamic joins and separable authorities. IJSN, 1(1/2):24--45, 2006.

Digital Library

[27]

B. Libert, S. Ling, K. Nguyen, and H. Wang. Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without Trapdoors. In EUROCRYPT II, pages 1--31, 2016.

[28]

B. Libert and M. Yung. Efficient traceable signatures in the standard model. Theor. Comput. Sci., 412(12-14):1220--1242, 2011.

Digital Library

[29]

A. Lysyanskaya, R. L. Rivest, A. Sahai, and S. Wolf. Pseudonym systems. In SAC, pages 184--199, 1999.

Digital Library

[30]

M. Manulis, N. Fleischhacker, F. Günther, F. Kiefer, and B. Poettering. Group signatures: Authentication with privacy. Technical report, TU Darmstadt, 2012.

[31]

M. Manulis, A.-R. Sadeghi, and J. Schwenk. Linkable democratic group signatures. In ISPEC, pages 187--201, 2006.

Digital Library

[32]

K. Potzmader, J. Winter, D. M. Hein, C. Hanser, P. Teufl, and L. Chen. Group signatures on mobile devices: Practical experiences. In TRUST, pages 47--64, 2013.

[33]

Y. Sakai, J. C. N. Schuldt, K. Emura, G. Hanaoka, and K. Ohta. On the security of dynamic group signatures: Preventing signature hijacking. In PKC, pages 715--732, 2012.

Digital Library

[34]

C.-P. Schnorr. Efficient Identification and Signatures for Smart Cards. In CRYPTO, pages 239--252, 1989.

Digital Library

[35]

D. Slamanig, R. Spreitzer, and T. Unterluggauer. Adding controllable linkability to pairing-based group signatures for free. In ISC, pages 388--400, 2014.

[36]

D. Slamanig, R. Spreitzer, and T. Unterluggauer. Linking-based revocation for group signatures: A pragmatic approach for efficient revocation checks. In Mycrypt, pages 364--388, 2016.

[37]

D. X. Song. Practical forward secure group signature schemes. In CCS, pages 225--234, 2001.

Digital Library

[38]

Q. Wu, W. Susilo, Y. Mu, and F. Zhang. Ad hoc group signatures. In IWSEC, pages 120--135, 2006.

Digital Library

Cited By

Perera MNakamura THashimoto MYokoyama HCheng CSakurai K(2022)A Survey on Group Signatures and Ring Signatures: Traceability vs. AnonymityCryptography10.3390/cryptography60100036:1(3)Online publication date: 19-Jan-2022
https://doi.org/10.3390/cryptography6010003
Li PLai JWu Y(2022)Accountable attribute-based authentication with fine-grained access control and its application to crowdsourcingFrontiers of Computer Science10.1007/s11704-021-0593-417:1Online publication date: 8-Aug-2022
https://doi.org/10.1007/s11704-021-0593-4
Li PLai JWu Y(2021)Event-oriented linkable and traceable anonymous authentication and its application to votingJournal of Information Security and Applications10.1016/j.jisa.2021.10286560(102865)Online publication date: Aug-2021
https://doi.org/10.1016/j.jisa.2021.102865
Show More Cited By

Recommendations

Group signatures with verifier-local revocation
CCS '04: Proceedings of the 11th ACM conference on Computer and communications security

Group signatures have recently become important for enabling privacy-preserving attestation in projects such as Microsoft's ngscb effort (formerly Palladium). Revocation is critical to the security of such systems. We construct a short group signature ...
Privacy-Enhancing Proxy Signatures from Non-interactive Anonymous Credentials
DBSec 2014: Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy XXVIII - Volume 8566

Proxy signatures enable an originator to delegate the signing rights for a restricted set of messages to a proxy. The proxy is then able to produce valid signatures only for messages from this delegated set on behalf of the originator. Recently, two ...
Group signatures with message-dependent opening
Pairing'12: Proceedings of the 5th international conference on Pairing-Based Cryptography

This paper introduces a new capability of the group signature, called message-dependent opening. It is intended to weaken the higher trust put on an opener, that is, no anonymity against an opener is provided by ordinary group signature. In a group ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security

August 2019

979 pages

ISBN:9781450371643

DOI:10.1145/3339252

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 August 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

H2020 CREDENTIAL
H2020 CyberSec4Europe

Conference

ARES '19

ARES '19: 14th International Conference on Availability, Reliability and Security

August 26 - 29, 2019

CA, Canterbury, United Kingdom

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
103
Total Downloads

Downloads (Last 12 months)16
Downloads (Last 6 weeks)1

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Perera MNakamura THashimoto MYokoyama HCheng CSakurai K(2022)A Survey on Group Signatures and Ring Signatures: Traceability vs. AnonymityCryptography10.3390/cryptography60100036:1(3)Online publication date: 19-Jan-2022
https://doi.org/10.3390/cryptography6010003
Li PLai JWu Y(2022)Accountable attribute-based authentication with fine-grained access control and its application to crowdsourcingFrontiers of Computer Science10.1007/s11704-021-0593-417:1Online publication date: 8-Aug-2022
https://doi.org/10.1007/s11704-021-0593-4
Li PLai JWu Y(2021)Event-oriented linkable and traceable anonymous authentication and its application to votingJournal of Information Security and Applications10.1016/j.jisa.2021.10286560(102865)Online publication date: Aug-2021
https://doi.org/10.1016/j.jisa.2021.102865
Bobolz JEidens FKrenn SRamacher SSamelin K(2021)Issuer-Hiding Attribute-Based CredentialsCryptology and Network Security10.1007/978-3-030-92548-2_9(158-178)Online publication date: 9-Dec-2021
https://doi.org/10.1007/978-3-030-92548-2_9
Fraser AGarms LLehmann A(2021)Selectively Linkable Group Signatures—Stronger Security and Preserved VerifiabilityCryptology and Network Security10.1007/978-3-030-92548-2_11(200-221)Online publication date: 9-Dec-2021
https://doi.org/10.1007/978-3-030-92548-2_11
Diaz JLehmann A(2021)Group Signatures with User-Controlled and Sequential LinkabilityPublic-Key Cryptography – PKC 202110.1007/978-3-030-75245-3_14(360-388)Online publication date: 1-May-2021
https://doi.org/10.1007/978-3-030-75245-3_14
Bootle JCerulli AChaidos PGhadafi EGroth J(2020)Foundations of Fully Dynamic Group SignaturesJournal of Cryptology10.1007/s00145-020-09357-wOnline publication date: 2-Jun-2020
https://doi.org/10.1007/s00145-020-09357-w

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents