Article

One-Time Delegation of Unlinkable Signing Rights and Its Application

Author:

Takashi NishideAuthors Info & Claims

Provable and Practical Security: 14th International Conference, ProvSec 2020, Singapore, November 29 – December 1, 2020, Proceedings

Pages 103 - 123

https://doi.org/10.1007/978-3-030-62576-4_6

Published: 29 November 2020 Publication History

Abstract

Delegation of signing rights can be useful to promote effective resource sharing and smooth cooperation among participants in distributed systems, and in many situations, we often need restricted delegation such as one-timeness and unlinkability rather than simple full delegation. Particularly, one-timesness cannot be achieved just by deploying cryptographic measures, and one needs to resort to some form of tamper-proofness or the assistance from external cloud servers for “key-disabling”. In this work, we extend the latter such that a delegatee can sign a message without the delegator’s involvement with the assumption that there exists at least one honest cloud server with secure erasure to achieve one-timeness. In this setting, if the delegator just shares their signing key between the delegatee and cloud servers, it may be problematic. It is because in the worst case, the delegator cannot know whether or not a signing key theft occurred because the signatures generated illegally are indistinguishable from the ones generated legally. To solve this, first we propose an efficient one-time delegation scheme of Okamoto-Schnorr signing. Further we combine the basic delegation scheme with anonymous credentials such that the delegator can detect the signing key theft even if one-time delegation is broken while also achieving unlinkability for both the delegator and cloud servers. Further we show its application to an e-cash scheme, which can prevent double-spending.

References

[1]

Acar T, Chow SSM, and Nguyen L Sadeghi A-R Accumulators and U-Prove revocation Financial Cryptography and Data Security 2013 Heidelberg Springer 189-196

[2]

Amos, R., Georgiou, M., Kiayias, A., Zhandry, M.: One-shot signatures and applications to hybrid quantum/classical authentication. In: STOC, pp. 255–268 (2020)

[3]

Au MH, Susilo W, and Mu Y De Prisco R and Yung M Constant-size dynamic k-TAA Security and Cryptography for Networks 2006 Heidelberg Springer 111-125

[4]

Baldimtsi F, Chase M, Fuchsbauer G, and Kohlweiss M Katz J Anonymous transferable e-cash Public-Key Cryptography – PKC 2015 2015 Heidelberg Springer 101-124

[5]

Baldimtsi, F., Lysyanskaya, A.: Anonymous credentials light. In: CCS, pp. 1087–1098. ACM (2013)

[6]

Bellare M, Shi H, and Zhang C Menezes A Foundations of group signatures: the case of dynamic groups Topics in Cryptology – CT-RSA 2005 2005 Heidelberg Springer 136-153

[7]

Benhamouda, F., Lepoint, T., Orrù, M., Raykova, M.: On the (in) security of ROS. Cryptology ePrint Archive, Report 2020/945 (2020)

[8]

Bichsel, P., Camenisch, J., Groß, T., Shoup, V.: Anonymous credentials on a standard Java card. In: CCS, pp. 600–610. ACM (2009)

[9]

Blömer J and Bobolz J Preneel B and Vercauteren F Delegatable attribute-based anonymous credentials from dynamically malleable signatures Applied Cryptography and Network Security 2018 Cham Springer 221-239

[10]

Borisov, N., Brewer, E.A.: Active certificates: a framework for delegation. In: NDSS (2002)

[11]

Bourse F, Pointcheval D, and Sanders O Galbraith SD and Moriai S Divisible e-cash from constrained pseudo-random functions Advances in Cryptology – ASIACRYPT 2019 2019 Cham Springer 679-708

[12]

Brands S Stinson DR Untraceable off-line cash in wallet with observers Advances in Cryptology — CRYPTO’ 93 1994 Heidelberg Springer 302-318

[13]

Brands, S.: Rethinking public key infrastructures and digital certificates: building in privacy. MIT Press (2000)

[14]

Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., Meyerovich, M.: How to win the clone wars: efficient periodic

n

-times anonymous authentication. In: CCS, pp. 201–210. ACM (2006)

[15]

Camenisch J, Hohenberger S, and Lysyanskaya A Cramer R Compact e-cash Advances in Cryptology – EUROCRYPT 2005 2005 Heidelberg Springer 302-321

[16]

Camenisch J, Kohlweiss M, and Soriente C Garay JA and De Prisco R Solving revocation with efficient update of anonymous credentials Security and Cryptography for Networks 2010 Heidelberg Springer 454-471

[17]

Camenisch J, Lehmann A, Neven G, and Samelin K Zikas V and De Prisco R Virtual smart cards: how to sign with a password and a server Security and Cryptography for Networks 2016 Cham Springer 353-371

[18]

Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: CRYPTO, pp 410–424. Springer (1997)

[19]

R. Canetti. Universally composable security: a new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000/067 (2000)

[20]

Canetti, R.: Universally composable signature, certification, and authentication. In: CSFW, pp. 219–233. IEEE (2004)

[21]

Chase M and Lysyanskaya A Dwork C On signatures of knowledge Advances in Cryptology - CRYPTO 2006 2006 Heidelberg Springer 78-96

[22]

Chaum D Chaum D, Rivest RL, and Sherman AT Blind signatures for untraceable payments Advances in Cryptology 1983 Boston, MA Springer 199-203

[23]

Chaum D Security without identification: transaction systems to make big brother obsolete Commun. ACM 1985 28 10 1030-1044

[24]

Chaum D Quisquater J-J and Vandewalle J Online cash checks Advances in Cryptology — EUROCRYPT ’89 1990 Heidelberg Springer 288-293

[25]

Chaum D Achieving electronic privacy Sci. Am. 1992 267 2 96-101

[26]

Chaum D, Fiat A, and Naor M Goldwasser S Untraceable electronic cash Advances in Cryptology — CRYPTO’ 88 1990 New York Springer 319-327

[27]

Chaum D and Pedersen TP Brickell EF Wallet databases with observers Advances in Cryptology — CRYPTO’92 1993 Heidelberg Springer 89-105

[28]

Damgård I, Pastro V, Smart N, and Zakarias S Safavi-Naini R and Canetti R Multiparty computation from somewhat homomorphic encryption Advances in Cryptology – CRYPTO 2012 2012 Heidelberg Springer 643-662

[29]

Everspaugh, A., Chaterjee, R., Scott, S., Juels, A., Ristenpart, T.: The Pythia PRF service. In: USENIX Security Symposium, pp. 547–562 (2015)

[30]

Fiat A and Shamir A Odlyzko AM How to prove yourself: practical solutions to identification and signature problems Advances in Cryptology — CRYPTO’ 86 1987 Heidelberg Springer 186-194

[31]

Fuchsbauer G Paterson KG Commuting signatures and verifiable encryption Advances in Cryptology – EUROCRYPT 2011 2011 Heidelberg Springer 224-245

[32]

Galbraith SD, Paterson KG, and Smart NP Pairings for cryptographers Dis Appl. Math. 2008 156 16 3113-3121

[33]

Goldwasser S, Kalai YT, and Rothblum GN Wagner D One-time programs Advances in Cryptology – CRYPTO 2008 2008 Heidelberg Springer 39-56

[34]

Groth, J.: Fully anonymous group signatures without random oracles. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 164–180. Springer, Heidelberg (2007).

[35]

Kaptchuk, G., Miers, I., Green, M.: Giving state to the stateless: augmenting trustworthy computation with ledgers. In: NDSS (2019)

[36]

Kurnikov, A., Paverd, A., Mannan, M., Asokan, N.: Keys in the clouds: auditable multi-device access to cryptographic credentials. In: ARES, pp. 40:1–40:10. ACM (2018)

[37]

Libert B, Ling S, Nguyen K, and Wang H Takagi T and Peyrin T Zero-knowledge arguments for lattice-based PRFs and applications to e-cash Advances in Cryptology – ASIACRYPT 2017 2017 Cham Springer 304-335

[38]

MacKenzie P and Reiter MK Delegation of cryptographic servers for capture-resilient devices Distrib. Comput. 2003 16 4 307-327

[39]

Marcedone A, Pass R, and Shelat A Goldberg I and Moore T Minimizing trust in hardware wallets with two factor signatures Financial Cryptography and Data Security 2019 Cham Springer 407-425

[40]

Matetic, S., Schneider, M., Miller, A., Juels, A., Capkun, S.: DelegaTEE: Brokered delegation using trusted execution environments. In: USENIX Security Symposium, pp. 1387–1403 (2018)

[41]

Okamoto T Brickell EF Provably secure and practical identification schemes and corresponding signature schemes Advances in Cryptology — CRYPTO’ 92 1993 Heidelberg Springer 31-53

[42]

Pointcheval D and Sanders O Sako K Short randomizable signatures Topics in Cryptology - CT-RSA 2016 2016 Cham Springer 111-126

[43]

Teranishi I and Sako K Yung M, Dodis Y, Kiayias A, and Malkin T k-Times anonymous authentication with a constant proving cost Public Key Cryptography - PKC 2006 2006 Heidelberg Springer 525-542

Cited By

Havens ZLatulipe C(2024)Proxy Accounts and Behavioural Nudges: Investigating Support for Older Adults and their Financial DelegatesProceedings of the 50th Graphics Interface Conference10.1145/3670947.3670962(1-14)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3670947.3670962
Hong ZChen J(2022)A Solution for the Offline Double-Spending Issue of Digital CurrenciesScience of Cyber Security10.1007/978-3-031-17551-0_30(455-471)Online publication date: 10-Aug-2022
https://dl.acm.org/doi/10.1007/978-3-031-17551-0_30

Index Terms

One-Time Delegation of Unlinkable Signing Rights and Its Application
1. Computer systems organization
  1. Architectures
2. Software and its engineering
  1. Software organization and properties

Index terms have been assigned to the content through auto-classification.

Recommendations

Delegation of signing rights using certificateless proxy signatures

A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer within a given context. It has lots of practical applications in distributed systems, grid computing, mobile agent applications, distributed shared object ...
Secure and Efficient Scheme for Delegation of Signing Rights
Information and Communications Security
Abstract
A proxy signature scheme enables a signer to transfer its signing rights to any other user, called the proxy signer, to produce a signature on its behalf. Multi-proxy signature is a proxy signature primitive which enables a user to transfer its ...
Anonymous Consecutive Delegation of Signing Rights: Unifying Group and Proxy Signatures
Formal to Practical Security

We define a general model for consecutive delegations of signing rights with the following properties: The delegatee actually signing and all intermediate delegators remain anonymous. As for group signatures, in case of misuse, a special authority can <...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

Provable and Practical Security: 14th International Conference, ProvSec 2020, Singapore, November 29 – December 1, 2020, Proceedings

Nov 2020

425 pages

ISBN:978-3-030-62575-7

DOI:10.1007/978-3-030-62576-4

Editors:
Khoa Nguyen
Nanyang Technological University, Singapore, Singapore
,
Wenling Wu
Chinese Academy of Sciences, Beijing, China
,
Kwok Yan Lam
Nanyang Technological University, Singapore, Singapore
,
Huaxiong Wang
Nanyang Technological University, Singapore, Singapore

© Springer Nature Switzerland AG 2020.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 29 November 2020

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Havens ZLatulipe C(2024)Proxy Accounts and Behavioural Nudges: Investigating Support for Older Adults and their Financial DelegatesProceedings of the 50th Graphics Interface Conference10.1145/3670947.3670962(1-14)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3670947.3670962
Hong ZChen J(2022)A Solution for the Offline Double-Spending Issue of Digital CurrenciesScience of Cyber Security10.1007/978-3-031-17551-0_30(455-471)Online publication date: 10-Aug-2022
https://dl.acm.org/doi/10.1007/978-3-031-17551-0_30

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents