A Light-Weight Group Signature Scheme for Wireless Networks Based-on BBS Short Group Signature

In the natural context of wireless network environment, the communications between wireless nodes are more easily observed for the goal of the network traffic analysis. Thus, to enable a secure and anonymous communication system from thwarting of such analysis attacks would be strongly desirable. In this paper, we propose a secure and anonymous communication system using pairing-based group signatures. The achievement of secure and anonymous communication is performed by allowing all valid member wireless nodes of a particular privilege group to authenticate each other without revealing their own identitie

Backward Unlinkability for a VLR Group Signature Scheme with Efficient Revocation Check

Verifier-Local Revocation (VLR) group signatures, introduced by Boneh and Shacham in 2004, are a particular case of dynamic group signature schemes where the revocation process does not influence the activity of the signers. The verifiers use a Revocation List to check if the signers are revoked. In all known schemes, checking a signature requires a computational time linear in the number of revoked members. Usually, it requires one pairing per revoked user. Recently, Chen and Li proposed a scheme where Revocation Check uses exponentiations instead of pairings. In this paper, we first propose a correction of their scheme to enable a full proof of the traceability property. Then our main contribution is to extend this tweaked scheme to ensure Backward Unlinkability. This important property prevents the loss of anonymity of past signatures when a user is revoked. We succeed in achieving this consequent improvement with a constant additional cost only. We thus obtain the scheme with the most efficient Revocation Check among VLR schemes enabling Backward Unlinkability

Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks

Disertační práce se zabývá kryptografickými protokoly poskytující ochranu soukromí, které jsou určeny pro zabezpečení komunikačních a informačních systémů tvořících heterogenní sítě. Práce se zaměřuje především na možnosti využití nekonvenčních kryptografických prostředků, které poskytují rozšířené bezpečnostní požadavky, jako je například ochrana soukromí uživatelů komunikačního systému. V práci je stanovena výpočetní náročnost kryptografických a matematických primitiv na různých zařízeních, které se podílí na zabezpečení heterogenní sítě. Hlavní cíle práce se zaměřují na návrh pokročilých kryptografických protokolů poskytujících ochranu soukromí. V práci jsou navrženy celkově tři protokoly, které využívají skupinových podpisů založených na bilineárním párování pro zajištění ochrany soukromí uživatelů. Tyto navržené protokoly zajišťují ochranu soukromí a nepopiratelnost po celou dobu datové komunikace spolu s autentizací a integritou přenášených zpráv. Pro navýšení výkonnosti navržených protokolů je využito optimalizačních technik, např. dávkového ověřování, tak aby protokoly byly praktické i pro heterogenní sítě.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.

Privacy-preserving security solution for cloud services

AbstractWe propose a novel privacy-preserving security solution for cloud services. Our solution is based on an efficient non-bilinear group signature scheme providing the anonymous access to cloud services and shared storage servers. The novel solution offers anonymous authenticationfor registered users. Thus, users' personal attributes (age, valid registration, successful payment) can be proven without revealing users' identity, and users can use cloud services without any threat of profiling their behavior. However, if a user breaks provider's rules, his access right is revoked. Our solution provides anonymous access, unlinkability and the confidentiality of transmitted data. We implement our solution as a proof of concept applicationand present the experimental results. Further, we analyzecurrent privacy preserving solutions for cloud services and group signature schemes as basic parts of privacy enhancing solutions in cloud services. We compare the performance of our solution with the related solutionsand schemes

Linking-Based Revocation for Group Signatures: A Pragmatic Approach for Efficient Revocation Checks

Group signature schemes (GSS) represent an important privacy-enhancing technology. However, their practical applicability is restricted due to inefficiencies of existing membership revocation mechanisms that often place a too large computational burden and communication overhead on the involved parties. Moreover, it seems that the general belief (or unwritten law) of avoiding online authorities by all means artificially and unnecessarily restricts the efficiency and practicality of revocation mechanisms in GSSs. While a mindset of preventing online authorities might have been appropriate more than 10 years ago, today the availability of highly reliable cloud computing infrastructures could be used to solve open challenges. More specifically, in order to overcome the inefficiencies of existing revocation mechanisms, we propose an alternative approach denoted as linking-based revocation (LBR) which is based on the concept of controllable linkability. The novelty of LBR is its transparency for signers and verifiers that spares additional computations as well as updates. We therefore introduce dedicated revocation authorities (RAs) that can be contacted for efficient (constant time) revocation checks. In order to protect these RAs and to reduce the trust in involved online authorities, we additionally introduce distributed controllable linkability. Using latter, RAs cooperate with multiple authorities to compute the required linking information, thus reducing the required trust. Besides efficiency, an appealing benefit of LBR is its generic applicability to pairing-based GSSs secure in the BSZ model as well as GSSs with controllable linkability. This includes the XSGS scheme, and the GSSs proposed by Hwang et al., one of which has been standardized in the recent ISO 20008-2 standard

Practical backward unlinkable revocation in FIDO, German e-ID, Idemix and U-Prove

FIDO, German e-ID, Idemix and U-Prove constitute privacy-enhanced public-key infrastructures allowing users to authenticate in an anonymous way. This however hampers timely revocation in a privacy friendly way. From a legal perspective, revocation typically should be effective within 24 hours after user reporting. It should also be backward unlinkable, i.e. user anonymity cannot be removed after revocation. We describe a new, generic revocation mechanism based on pairing based encryption and apply it to supplement the systems mentioned. This allows for both flexible and privacy friendly revocation. Protocol execution takes less than a quarter of a second on modern smartcards. An additional property is that usage after revocation is linkable, allowing users to identify fraudulent usage after revocation. Our technique is the first Verifier Local Revocation scheme with backwards unlinkable revocation for the systems mentioned. This also allows for a setup resembling the well-known Online Certificate Status Protocol (OCSP). Here the service provider sends a pseudonym to a revocation provider that returns its status. As the information required for this is not secret the status service can be distributed over many cloud services. In addition to the status service our technique also supports the publication of a central revocation list

Group Signature with relaxed-privacy and revocability for VANET

This paper adapts a new group signature (GS) scheme to the specific needs of certain application e.g., a vehicular adhoc network (VANET). Groth GS is the first efficient GS scheme in the BSZ-model with security proofs in the standard model. We modify the Groth GS in order to meet a restricted, but arguably sufficient set of privacy proper-ties. Although there are some authentication schemes using GS none of them satisfy all the desirable security and privacy properties. Either they follow GSs that rely on Random Oracle Model, or unable to satisfy potential application requirements. In particular, link management which allows any designated entities to link messages, whether they are coming from the same member or a certain group of members without revealing their identities; opening soundness that prevents malicious accusations by the opener against some honest member of the group; revocation system that privileges from fraudulent member like the traditional Public Key infrastructure (PKI). In order to achieve the aforementioned security properties together, we propose a new GS model where linkability, sound opening and revocability properties are assembled in a single scheme. The novelty of our proposal stems from extending the Groth GS by relaxing strong privacy properties to a scheme with a lightly lesser privacy in order to fit an existing VANET application requirements. In addition, we partially minimize the Groth GS scheme to expedite efficiency

Improving Revocation for Group Signature with Redactable Signature

Group signature is a major cryptographic tool allowing anonymous access to a service. However, in practice, access to a service is usually granted for some periods of time, which implies that the signing rights must be deactivated the rest of the time. This requirement thus calls for complex forms of revocation, reminiscent of the concept of time-bound keys. However, schemes satisfying this concept are rare and only allow revocation with limited granularity. That is, signing keys are associated with an expiry time and become definitively useless once the latter has passed. In this paper, we revisit the notion of group signatures with time-bound keys with several contributions. Firstly, we extend this notion to allow high granularity revocation: a member\u27s signing key can in particular be deactivated at some moments and then be automatically reinstated. Secondly, we show that this complex property is actually simple to achieve using redactable signature. In particular, we consider in this context a recent redactable signature scheme from PKC 20 that we improve by dramatically reducing the size of the public key. The resulting construction is of independent interest

A-MAKE: an efficient, anonymous and accountable authentication framework for WMNs

In this paper, we propose a framework, named as A-MAKE, which efficiently provides security, privacy, and accountability for communications in wireless mesh networks. More specifically, the framework provides an anonymous mutual authentication protocol whereby legitimate users can connect to network from anywhere without being identified or tracked. No single party (e.g., network operator) can violate the privacy of a user, which is provided in our framework in the strongest sense. Our framework utilizes group signatures, where the private key and the credentials of the users are generated through a secure three-party protocol. User accountability is implemented via user revocation protocol that can be executed by two semitrusted authorities, one of which is the network operator. The assumptions about the trust level of the network operator are relaxed. Our framework makes use of much more efficient signature generation and verification algorithms in terms of computation complexity than their counterparts in literature, where signature size is comparable to the shortest signatures proposed for similar purposes so far