Reducing public-key size in an anonymous credential system for CNF formulas with constant-size proofs

Abstract Public key encryption with equality test (PKEET) can check whether two ciphertexts are encrypted from the same message or not without decryption. This attribute enables PKEET to be increasingly utilized in cloud storage, where users store their encrypted data on the cloud. In traditional PKEET, the tester is authorized by the data receiver to perform equality test on its ciphertexts. However, the tester can only test one ciphertext or all ciphertexts of one receiver with one authorization. It means that the receiver cannot adaptively authorize the test right of any number of ciphertexts to the tester. A trivial solution is authorizing one ciphertext each time and repeating multiple times. The corresponding size of trapdoor in this method is linear with the number of authorized ciphertexts. This will incur storage burden for the tester. To solve the aforementioned problem, we propose the concept of PKEET supporting partial authentication (PKEET-PA). We then instantiate the concept to a lightweight PKEET-PA, which achieves constant-size trapdoor. Besides, we prove the security of our PKEET-PA scheme against two types of adversaries. Compared with other PKEET schemes that can be used in trivial solution, our PKEET-PA is more efficient in receivers’ computation and has lower trapdoor size.

Download Full-text

Efficient Proofs for CNF Formulas on Attributes in Pairing-Based Anonymous Credential System

Lecture Notes in Computer Science - Information Security and Cryptology – ICISC 2012 ◽

10.1007/978-3-642-37682-5_35 ◽

2013 ◽

pp. 495-509 ◽

Cited By ~ 13

Author(s):

Nasima Begum ◽

Toru Nakanishi ◽

Nobuo Funabiki

Keyword(s):

Anonymous Credential ◽

Cnf Formulas

Download Full-text

A Short Server-Aided Certificateless Aggregate Multisignature Scheme in the Standard Model

Security and Communication Networks ◽

10.1155/2019/3424890 ◽

2019 ◽

Vol 2019 ◽

pp. 1-14 ◽

Cited By ~ 1

Author(s):

Viet Cuong Trinh

Keyword(s):

Standard Model ◽

Public Key Cryptography ◽

Public Key ◽

Constant Size ◽

Aggregate Signature ◽

Diffie Hellman ◽

Combination Scheme ◽

The Standard Model ◽

Identity Based ◽

Short Signature

Aggregate signature scheme allows each signer to sign a different message and then all those signatures are aggregated into a single short signature. In contrast, multisignature scheme allows multisigners to jointly sign only one message. Aggregate multisignature scheme is a combination of both aforementioned signature schemes, where signers can choose to generate either a multisignature or an aggregate signature. This combination scheme has many concrete application scenarios such as Bitcoin blockchain, Healthcare, Multicast Acknowledgment Aggregation, and so on. On the other hand, to deal with the problems of expensive certificates in certified public key cryptography and key escrow in identity-based cryptography, the notion of certificateless public key cryptography has been introduced by Riyami and Paterson at Asiacrypt’03. In this paper, we propose the first certificateless aggregate multisignature scheme that achieves the constant-size of signature and is secure in the standard model under a generalization of the Diffie-Hellman exponent assumption. In our scheme, however, the signature is generated with the help of the authority.

Download Full-text