A Multibank E-Cash System Based on Group Signature Scheme

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.321-324.2987 ◽

2013 ◽

Vol 321-324 ◽

pp. 2987-2990

Author(s):

Chun Hong Duo

Keyword(s):

Blind Signature ◽

Group Signature ◽

Signature Scheme ◽

General Design ◽

Design Scheme ◽

Group Signatures ◽

Group Member

Group signatures allow members of a group to sign messages anonymously on behalf of the group. Only a designated group manager is able to identify the group member who issued a given signature. In this paper we propose a new group signature scheme based on RSA, which is a blind signature algorithm. A multibank E-cash system has been presented based on the proposed scheme. A general design scheme including withdrawal, payment and deposit process is discussed particularly.

Download Full-text

Converting pairing-based cryptosystems from composite to prime order setting – A comparative analysis

Journal of Mathematical Cryptology ◽

10.1515/jmc-2017-0042 ◽

2018 ◽

Vol 12 (3) ◽

pp. 159-190

Author(s):

Sanjit Chatterjee ◽

M. Prem Laxman Das ◽

R. Kabaleeshwaran

Keyword(s):

Comparative Analysis ◽

Prime Order ◽

Homomorphic Encryption ◽

Blind Signature ◽

Group Signature ◽

Encryption Scheme ◽

Signature Scheme ◽

Relative Efficacy ◽

Ring Signature ◽

Group Signatures

Abstract Composite order pairing setting has been used to achieve cryptographic functionalities beyond what is attainable in prime order groups. However, such pairings are known to be significantly slower than their prime order counterparts. Thus emerged a new line of research – developing frameworks to convert cryptosystems from composite to prime order pairing setting. In this work, we analyse the intricacies of efficient prime order instantiation of cryptosystems that can be converted using existing frameworks. To compare the relative efficacy of these frameworks we mainly focus on some representative schemes: the Boneh–Goh–Nissim (BGN) homomorphic encryption scheme, ring and group signatures as well as a blind signature scheme. Our concrete analyses lead to several interesting observations. We show that even after a considerable amount of research, the projecting framework implicit in the very first work of Groth–Sahai still remains the best choice for instantiating the BGN cryptosystem. Protocols like the ring signature and group signature which use both projecting and cancelling setting in composite order can be most efficiently instantiated in the Freeman prime-order projecting only setting. In contrast, while the Freeman projecting setting is sufficient for the security reduction of the blind signature scheme, the simultaneous projecting and cancelling setting does provide some efficiency advantage.

Download Full-text

A Group Signature Scheme Based on an RSA-Variant

BRICS Report Series ◽

10.7146/brics.v5i27.19433 ◽

1998 ◽

Vol 5 (27) ◽

Cited By ~ 31

Author(s):

Jan Camenisch ◽

Markus Michels

Keyword(s):

Public Key ◽

Group Signature ◽

Signature Scheme ◽

Group Signatures ◽

Large Groups ◽

Group Member

The concept of group signatures allows a group member to sign messages anonymously on behalf of the group. However, in the case of a dispute, the identity of a signature’s originator can be revealed by a designated entity. In this paper we propose a new group signature scheme that is well suited for large groups, i.e., the length of the group’s public key and of signatures do not<br />depend on the size of the group. Our scheme is based on a variation of the RSA problem called strong RSA assumption. It is also more efficient than previous ones satisfying these requirements.

Download Full-text

Accountable Metadata-Hiding Escrow: A Group Signature Case Study

Proceedings on Privacy Enhancing Technologies ◽

10.1515/popets-2015-0012 ◽

2015 ◽

Vol 2015 (2) ◽

pp. 206-221 ◽

Cited By ~ 1

Author(s):

Markulf Kohlweiss ◽

Ian Miers

Keyword(s):

Third Party ◽

Group Signature ◽

Signature Scheme ◽

New Approach ◽

Encrypted Data ◽

Trusted Third Party ◽

Group Signatures ◽

Private Data ◽

Gain Access

Abstract A common approach to demands for lawful access to encrypted data is to allow a trusted third party (TTP) to gain access to private data. However, there is no way to verify that this trust is well placed as the TTP may open all messages indiscriminately. Moreover, existing approaches do not scale well when, in addition to the content of the conversation, one wishes to hide one’s identity. Given the importance of metadata this is a major problem. We propose a new approach in which users can retroactively verify cryptographically whether they were wiretapped. As a case study, we propose a new signature scheme that can act as an accountable replacement for group signatures, accountable forward and backward tracing signatures.

Download Full-text

ENHANCED SECURITY MODELS AND A GENERIC CONSTRUCTION APPROACH FOR LINKABLE RING SIGNATURE

International Journal of Foundations of Computer Science ◽

10.1142/s0129054106004480 ◽

2006 ◽

Vol 17 (06) ◽

pp. 1403-1422 ◽

Cited By ~ 15

Author(s):

JOSEPH K. LIU ◽

DUNCAN S. WONG

Keyword(s):

Discrete Logarithm ◽

Group Signature ◽

Signature Scheme ◽

Ring Signature ◽

Security Models ◽

Generic Construction ◽

Group Members ◽

Group Member

A ring signature scheme is a group signature scheme but with no group manager to setup a group or revoke a signer's identity. It allows members of a group to sign messages such that the resulting signatures do not reveal the identities of the group members who actually created these signatures (anonymity) and no one can tell if two signatures are created by the same signer (unlinkability). Furthermore, the formation of a group is spontaneous. Diversion group members (non-signers) can be totally unaware of being conscripted to the group. The notion of linkable ring signature, introduced by Liu et al. in 2004, also provides signer anonymity and spontaneity, but at the same time, allows anyone to determine whether two signatures have been issued by the same group member (linkability). In this paper, we propose a suite of enhanced security models and show that they capture stronger notions of signer anonymity and linkability than the original ones proposed by Liu et al. in 2004. We also propose a generic approach for constructing a linkable ring signature scheme. The generic approach leads us to the construction of two efficient polynomial-structured schemes and one type-restricted separable scheme. The separable scheme allows group members to have different sets of DL (discrete logarithm) domain parameters. All schemes are shown secure under the enhanced security models defined in this paper.

Download Full-text

Anr-Hiding Revocable Group Signature Scheme: Group Signatures with the Property of Hiding the Number of Revoked Users

Journal of Applied Mathematics ◽

10.1155/2014/983040 ◽

2014 ◽

Vol 2014 ◽

pp. 1-14 ◽

Cited By ~ 6

Author(s):

Keita Emura ◽

Atsuko Miyaji ◽

Kazumasa Omote

Keyword(s):

Negative Information ◽

Displaced Workers ◽

Group Signature ◽

Signature Scheme ◽

Signature Schemes ◽

Group Signatures ◽

A Company ◽

Security Notion

If there are many displaced workers in a company, then a person who goes for job hunting might not select this company. That is, the number of members who quit is quite negative information. Similarly, in revocable group signature schemes, if one knows (or guesses) the number of revoked users (sayr), then one may guess the reason behind such circumstances, and it may lead to harmful rumors. However, no previous revocation procedure can achieve hidingr. In this paper, we propose the first revocable group signature scheme, whereris kept hidden, which we callr-hiding revocable group signature. To handle this property, we newly define the security notion called anonymity with respect to the revocation which guarantees the unlinkability of revoked users.

Download Full-text

An Improved Group Signature Scheme with VLR over Lattices

Security and Communication Networks ◽

10.1155/2021/9988939 ◽

2021 ◽

Vol 2021 ◽

pp. 1-10

Author(s):

Yanhua Zhang ◽

Ximeng Liu ◽

Yupu Hu ◽

Huiwen Jia ◽

Qikun Zhang

Keyword(s):

Group Size ◽

Public Key ◽

Group Signature ◽

Knowledge Argument ◽

Signature Scheme ◽

Zero Knowledge ◽

Large Group ◽

Corrected Version ◽

Group Signatures ◽

New Construction

For group signatures (GS) supporting membership revocation, verifier-local revocation (VLR) mechanism is the most flexible choice. As a post-quantum secure cryptographic counterpart of classical schemes, the first dynamic GS-VLR scheme over lattices was put forward by Langlois et al. at PKC 2014; furthermore, a corrected version was shown at TCS 2018. However, both designs are within Bonsai trees and featuring bit-sizes of group public-key and member secret signing key proportional to log N where N is the group size; therefore, both schemes are not suitable for a large group. In this paper, we provide an improved dynamic GS-VLR over lattices, which is efficient by eliminating a O log N factor for both sizes. To realize the goal, we adopt a more efficient and compact identity-encoding technique. At the heart of our new construction is a new Stern-type statistical zero-knowledge argument of knowledge protocol which may be of some independent cryptographic interest.

Download Full-text

Efficient Dynamic Group Signature Scheme with Verifier Local Revocation and Time-Bound Keys using Lattices

International Journal of Computer and Information Technology(2279-0764) ◽

10.24203/ijcit.v10i2.93 ◽

2021 ◽

Vol 10 (2) ◽

Author(s):

Abhilash M H ◽

Amberker B B

Keyword(s):

Large Fraction ◽

Group Signature ◽

Signature Scheme ◽

Expiry Date ◽

Signature Schemes ◽

Significant Saving ◽

Dynamic Group ◽

Speed Up ◽

Verification Process ◽

Group Member

Revocation is an important feature of group signature schemes. Verifier Local Revocation (VLR) is a popular revocation mechanism which involves only verifiers in the revocation process. In VLR, a revocation list is maintained to store the information about revoked users. The verification cost of VLR based schemes islinearly proportional to the size of recvocation list. In many applications, the size of revocation list grows with time, which makes the verification process expensive. In this paper, we propose a lattice based dynamic group signature using VLR and time bound keys to reduce the size of revocation list to speed up the verification process. In the proposed scheme, an expiration date is fixed for signing key of each group member, and verifiers can find out (at constantcost) if a signature is generated using an expired key. Hence revocation information of members who are revoked before signing key expiry date (premature revocation) are kept in revocation list, and other members are part of natural revocation. This leads to a significant saving on the revocation check by assuming natural revocation accounts for large fraction of the total revocation. This scheme also takes care of non-forgeability of signing key expiry date.

Download Full-text

Almost Fully Secure Lattice-Based Group Signatures with Verifier-Local Revocation

10.20944/preprints201808.0014.v1 ◽

2018 ◽

Cited By ~ 1

Author(s):

Maharage Nisanasla Sevwandi Perera ◽

Takeshi Koshiba

Keyword(s):

Efficient Method ◽

The Other ◽

Group Signature ◽

Key Generation ◽

Signature Scheme ◽

Signature Schemes ◽

Group Signatures ◽

Tracing Algorithm ◽

Static Group ◽

Security Notion

Efficient member revocation and strong security against attacks are prominent requirements in group signature schemes. Among the revocation approaches Verifier-local revocation is the most flexible and efficient method since it requires to inform only the verifiers regarding the revoked members. The verifier-local revocation technique uses a token system to manage members’ status. However, the existing group signature schemes with verifier-local revocability rely on weaker security. On the other hand, existing static group signature schemes rely on a stronger security notion called, full-anonymity. Achieving the full-anonymity for group signature schemes with verifier-local revocation is a quite challenging task. This paper aims to obtain stronger security for the lattice-based group signature schemes with verifier-local revocability, which is closer to the full-anonymity. Moreover, this paper delivers a new key-generation method which outputs revocation tokens without deriving from the users’ signing keys. By applying the tracing algorithm given in group signature schemes for static groups, this paper also outputs an efficient tracing mechanism. Thus, we deliver a new group signature scheme with verifier-local revocation that satisfies a stronger security from lattices.

Download Full-text

Simple-Yet-Efficient Construction and Revocation of Group Signatures

International Journal of Foundations of Computer Science ◽

10.1142/s0129054115500343 ◽

2015 ◽

Vol 26 (05) ◽

pp. 611-624 ◽

Cited By ~ 5

Author(s):

Tzu-Hsin Ho ◽

Li-Hsing Yen ◽

Chien-Chao Tseng

Keyword(s):

Group Membership ◽

Size Group ◽

Group Signature ◽

Communication Overhead ◽

Signature Scheme ◽

Private Key ◽

Constant Size ◽

Security Proof ◽

Group Signatures ◽

Efficient Construction

Group signatures are typically used to authenticate the signer of message while preserving the privacy of the signer. Group signature should be minimized to reduce potential communication overhead. We propose a novel short group signature scheme that generates constant-size group public key and constant-size group signature. The scheme, using pairing-friendly elliptic curves, is efficient in construction. We give the security proof under XDH and ECDL hardness assumptions in the BMW model. Furthermore, we propose two group membership revocation methods which provide revocation information only to verifiers. One revocation method exposes partial private key of revoked users, which requires less revocation information. The other revocation method includes mixed private key information without revealing the real private keys of revoked users. This method is simple in revocation check.

Download Full-text

Group Signatures with Message-Dependent Opening: Formal Definitions and Constructions

Security and Communication Networks ◽

10.1155/2019/4872403 ◽

2019 ◽

Vol 2019 ◽

pp. 1-36 ◽

Cited By ~ 2

Author(s):

Keita Emura ◽

Goichiro Hanaoka ◽

Yutaka Kawai ◽

Takahiro Matsuda ◽

Kazuma Ohara ◽

...

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Group Signature ◽

Signature Scheme ◽

Identity Based Encryption ◽

Group Signatures ◽

The Standard Model ◽

Formal Definitions ◽

Generic Construction ◽

Identity Based

This paper introduces a new capability for group signatures called message-dependent opening. It is intended to weaken the high trust placed on the opener; i.e., no anonymity against the opener is provided by an ordinary group signature scheme. In a group signature scheme with message-dependent opening (GS-MDO), in addition to the opener, we set up an admitter that is not able to extract any user’s identity but admits the opener to open signatures by specifying messages where signatures on the specified messages will be opened by the opener. The opener cannot extract the signer’s identity from any signature whose corresponding message is not specified by the admitter. This paper presents formal definitions of GS-MDO and proposes a generic construction of it from identity-based encryption and adaptive non-interactive zero-knowledge proofs. Moreover, we propose two specific constructions, one in the standard model and one in the random oracle model. Our scheme in the standard model is an instantiation of our generic construction but the message-dependent opening property is bounded. In contrast, our scheme in the random oracle model is not a direct instantiation of our generic construction but is optimized to increase efficiency and achieves the unbounded message-dependent opening property. Furthermore, we also demonstrate that GS-MDO implies identity-based encryption, thus implying that identity-based encryption is essential for designing GS-MDO schemes.

Download Full-text