94,838 research outputs found
Zero-knowledge undeniable signatures (extended abstract)
Undeniable signature protocols were introduced at Crypto '89 [CA]. The present article contains new undeniable signature protocols, and these are the first that are zero-knowledge
Leak-Free Mediated Group Signatures
Group signatures are a useful cryptographic construct for privacy-preserving non-repudiable authentication, and there have been many group signature schemes. In this paper, we introduce a variant of group signatures that offers two new security properties called leak-freedom and immediate-revocation. Intuitively, the former ensures that an insider (i.e., an authorized but malicious signer) be unable to convince an outsider (e.g., signature receiver) that she indeed signed a certain message; whereas the latter ensures that the authorization for a user to issue group signatures can be immediately revoked whenever the need arises (temporarily or permanently). These properties are not offered in existing group signature schemes, nor captured by their security definitions. However, these properties might be crucial to a large class of enterprise-centric applications because they are desirable from the perspective of the enterprises who adopt group signatures or are the group signatures liability-holders (i.e., will be hold accountable for the consequences of group signatures). In addition to introducing these new securit
Lattice-Based Group Signatures: Achieving Full Dynamicity (and Deniability) with Ease
In this work, we provide the first lattice-based group signature that offers
full dynamicity (i.e., users have the flexibility in joining and leaving the
group), and thus, resolve a prominent open problem posed by previous works.
Moreover, we achieve this non-trivial feat in a relatively simple manner.
Starting with Libert et al.'s fully static construction (Eurocrypt 2016) -
which is arguably the most efficient lattice-based group signature to date, we
introduce simple-but-insightful tweaks that allow to upgrade it directly into
the fully dynamic setting. More startlingly, our scheme even produces slightly
shorter signatures than the former, thanks to an adaptation of a technique
proposed by Ling et al. (PKC 2013), allowing to prove inequalities in
zero-knowledge. Our design approach consists of upgrading Libert et al.'s
static construction (EUROCRYPT 2016) - which is arguably the most efficient
lattice-based group signature to date - into the fully dynamic setting.
Somewhat surprisingly, our scheme produces slightly shorter signatures than the
former, thanks to a new technique for proving inequality in zero-knowledge
without relying on any inequality check. The scheme satisfies the strong
security requirements of Bootle et al.'s model (ACNS 2016), under the Short
Integer Solution (SIS) and the Learning With Errors (LWE) assumptions.
Furthermore, we demonstrate how to equip the obtained group signature scheme
with the deniability functionality in a simple way. This attractive
functionality, put forward by Ishida et al. (CANS 2016), enables the tracing
authority to provide an evidence that a given user is not the owner of a
signature in question. In the process, we design a zero-knowledge protocol for
proving that a given LWE ciphertext does not decrypt to a particular message
- …