138,941 research outputs found
Adaptable Group-Oriented Signature
A new type of signature is presented in this paper, named adaptable group-oriented signature. In contrast with traditional group-oriented signature, the new one laid a strong emphasis on how to improve the signer¡¯s efficiency. In fact, this new type of group-oriented signature can be seen as a type of designated verifier signature. In contrast with the ordinary designated verifier signature, it does not designate one member but several members to independently verify the signature. The designated members, who can independently verify the signature, come into a group. This scheme can ensure the anonymity of the verifiers. This type of signature can be used in such system that the compute resource is limited, such as the broadcast protocols of the mobile telephone in the mobile networks
Breaking and Building of Group Inside Signature
Group Inside Signature (GIS) is a signature scheme that allows the signer to designate his signature to be verified by a group of people, so that members other than the designated group cannot verify the signature generated by him. In Broadcast Group Oriented Signature (BGOS), an user from one group can designate his signature to be verified by members of other group. The GIS and BGOS schemes \cite{MaAoHe05}, \cite{CJ09} and \cite{MaHeAo05} which we consider are certificateless schemes. An Adaptable Designated Group Signature (ADGS), is one in which an user can designate his signature to be verified by a selected set of members who are from different groups. The ADGS scheme \cite{MaL06} which we consider here is an identity based scheme. In this paper, we present the cryptanalysis of four schemes that appeared in \cite{MaAoHe05}, \cite{CJ09}, \cite{MaHeAo05} and \cite{MaL06}. We show that, both GIS schemes \cite{MaAoHe05}, \cite{CJ09} and BGOS scheme \cite{MaHeAo05} suffers from Type-I and Type-II vulnerabilities and ADGS \cite{MaL06} is universally forgeable. We also present a new scheme for ADGS (N-ADGS) and proved its security in the random oracle model. The existing model for ADGS did not consider unlinkability which is one of the key properties required for ADGS. We provide security model for unlinkability and also prove our scheme is unlinkable
A -out-of- Ring Signature with Flexible Participation for Signers
A -out-of- ring signature is a kind of anonymous signature that
can be performed by any member in a group.
This signature allows the creation of valid signatures if and only if
actual signers more than or equal to sign the message among
possible signers.
In this paper, we present a new -out-of- ring signature.
Our signature has a remarkable property: When the signature is
updated from -out-of- to -out-of-, the previous
signers do not need to sign a message again.
Our scheme can ``reuse\u27\u27 the old signature, whereas the previous schemes
revoke it and create a signature from scratch.
We call this property ``{{flexibility}}\u27\u27 and formalize it rigorously.
Our signature scheme has a multiple ring structure, each ring of which
is based on -out-of- ring signature. The structure of our scheme
is completely different from that of conventional schemes, such as a
secret-sharing type. The signers\u27 keys are mostly independent of each
user, thanks to a part of keys which use a special hash function.
We give the results of provable security for our scheme
Structure-preserving signatures from type II pairings
We investigate structure-preserving signatures in asymmetric bilinear groups with an efficiently computable homomorphism from one source group to the other, i.e., the Type II setting. It has been shown that in the Type I and Type III settings, structure-preserving signatures need at least 2 verification equations and 3 group elements. It is therefore natural to conjecture that this would also be required in the intermediate Type II setting, but surprisingly this turns out not to be the case. We construct structure-preserving signatures in the Type II setting that only require a single verification equation and consist of only 2 group elements. This shows that the Type II setting with partial asymmetry is different from the other two settings in a way that permits the construction of cryptographic schemes with unique properties.
We also investigate lower bounds on the size of the public verification key in the Type II setting. Previous work on structure-preserving signatures has explored lower bounds on the number of verification equations and the number of group elements in a signature but the size of the verification key has not been investigated before.We show that in the Type II setting it is necessary to have at least 2 group elements in the public verification key in a signature scheme with a single verification equation.
Our constructions match the lower bounds so they are optimal with respect to verification complexity, signature sizes and verification key sizes. In fact, in terms of verification complexity, they are the most efficient structure preserving signature schemes to date.
We give two structure-preserving signature schemes with a single verification equation where both the signatures and the public verification keys consist of two group elements each. One signature scheme is strongly existentially unforgeable, the other is fully randomizable. Having such simple and elegant structure-preserving signatures may make the Type II setting the easiest to use when designing new structure-preserving cryptographic schemes, and lead to schemes with the greatest conceptual simplicity
Efficient Round-Optimal Blind Signatures in the Standard Model
Blind signatures are at the core of e-cash systems and have numerous other applications. In this work we construct efficient blind and partially blind signature schemes over bilinear groups in the standard model. Our schemes yield short signatures consisting of only a couple of elements from the shorter source group and have very short communication overhead consisting of group element on the user side and group elements on the signer side.
At -bit security, our schemes yield signatures consisting of only bytes which is shorter than the most efficient existing scheme with the same security in the standard model. Verification in our schemes requires only a couple of pairings.
Our schemes compare favorably in every efficiency measure to all existing counterparts offering the same security in the standard model. In fact, the efficiency of our signing protocol as well as the signature size compare favorably even to many existing schemes in the random oracle model. For instance, our signatures are shorter than those of Brands\u27 scheme which is at the heart of the U-Prove anonymous credential system used in practice. The unforgeability of our schemes is based on new intractability assumptions of a ``one-more\u27\u27 type which we show are intractable in the generic group model, whereas their blindness holds w.r.t.~malicious signing keys in the information-theoretic sense.
We also give variants of our schemes for a vector of messages
Privacy-Preserving Electronic Ticket Scheme with Attribute-based Credentials
Electronic tickets (e-tickets) are electronic versions of paper tickets,
which enable users to access intended services and improve services'
efficiency. However, privacy may be a concern of e-ticket users. In this paper,
a privacy-preserving electronic ticket scheme with attribute-based credentials
is proposed to protect users' privacy and facilitate ticketing based on a
user's attributes. Our proposed scheme makes the following contributions: (1)
users can buy different tickets from ticket sellers without releasing their
exact attributes; (2) two tickets of the same user cannot be linked; (3) a
ticket cannot be transferred to another user; (4) a ticket cannot be double
spent; (5) the security of the proposed scheme is formally proven and reduced
to well known (q-strong Diffie-Hellman) complexity assumption; (6) the scheme
has been implemented and its performance empirically evaluated. To the best of
our knowledge, our privacy-preserving attribute-based e-ticket scheme is the
first one providing these five features. Application areas of our scheme
include event or transport tickets where users must convince ticket sellers
that their attributes (e.g. age, profession, location) satisfy the ticket price
policies to buy discounted tickets. More generally, our scheme can be used in
any system where access to services is only dependent on a user's attributes
(or entitlements) but not their identities.Comment: 18pages, 6 figures, 2 table
- …