Group Signatures with Efficient Concurrent Join

  • Aggelos Kiayias
  • Moti Yung
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3494)

Abstract

A group signature is a basic privacy mechanism. The group joining operation is a critical component of such a scheme. To date all secure group signature schemes either employed a trusted-party aided join operation or a complex joining protocol requiring many interactions between the prospective user and the Group Manager (GM). In addition no efficient scheme employed a join protocol proven secure against adversaries that have the capability to dynamically initiate multiple concurrent join sessions during an attack.

This work presents the first efficient group signature scheme with a simple Joining protocol that is based on a “single message and signature response” interaction between the prospective user and the GM. This single-message and signature-response registration paradigm where no other actions are taken, is the most efficient possible join interaction and was originally alluded to in 1997 by Camenisch and Stadler, but its efficient instantiation remained open till now.

The fact that joining has two short communication flows and does not require secure channels is highly advantageous: for example, it allows users to easily join by a proxy (i.e., a security officer of a company can send a file with all registration requests in his company and get back their certificates for distribution back to members of the company). It further allows an easy and non-interactive global system re-keying operation as well as straightforward treatment of multi-group signatures.We present a strong security model for group signatures (the first explicitly taking into account concurrent join attacks) and an efficient scheme with a single-message and signature-response join protocol.

References

  1. 1.
    Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000, vol. 1880, p. 255. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Ateniese, G., de Medeiros, B.: Efficient group signatures without trapdoors. In: Laih, C.-S. (ed.) ASIACRYPT 2003, vol. 2894, pp. 246–268. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Ateniese, G., Tsudik, G.: Some open issues and new directions in group signatures. In: Franklin, M.K. (ed.) FC 1999, vol. 1648, pp. 196–211. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  4. 4.
    Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)Google Scholar
  5. 5.
    Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)Google Scholar
  6. 6.
    Bellare, M., Shi, H., Zhang, C.: Foundations of group signatures: The case of dynamic groups. Cryptology ePrint Archive, Report 2004/077 (2004), http://eprint.iacr.org/
  7. 7.
    Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)Google Scholar
  9. 9.
    Camenisch, J.: Efficient and generalized group signatures. In: Fumy, W. (ed.) EUROCRYPT 1997, vol. 1233, pp. 465–479. Springer, Heidelberg (1997)Google Scholar
  10. 10.
    Camenisch, J., Groth, J.: Group signatures: Better efficiency and new theoretical aspects. In: Blundo, C., Cimato, S. (eds.) SCN 2004, vol. 3352, pp. 120–133. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Camenisch, J., Lysyanskaya, A.: An identity escrow scheme with appointed verifiers. In: Kilian, J. (ed.) CRYPTO 2001, vol. 2139, pp. 388–407. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)Google Scholar
  13. 13.
    Camenisch, J., Michels, M.: A group signature scheme with improved efficiency. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998, vol. 1514, pp. 160–174. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  14. 14.
    Camenisch, J., Michels, M.: Separability and efficiency for generic group signature schemes (extended abstract). In: Wiener, M. (ed.) CRYPTO 1999, vol. 1666, pp. 413–430. Springer, Heidelberg (1999)Google Scholar
  15. 15.
    Camenisch, J., Shoup, V.: Practical verifiable encryption and decryption of discrete logarithms. In: Boneh, D. (ed.) CRYPTO 2003, vol. 2729, pp. 126–144. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)Google Scholar
  17. 17.
    Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991, vol. 547, pp. 257–265. Springer, Heidelberg (1991)Google Scholar
  18. 18.
    Chen, L., Pedersen, T.P.: New group signature schemes (extended abstract). In: De Santis, A. (ed.) EUROCRYPT 1994, vol. 950, pp. 171–181. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  19. 19.
    Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous identification in ad hoc groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. 20.
    Fouque, P.-A., Stern, J.: One round threshold discrete-log key generation without private channels. In: Kim, K.-c. (ed.) PKC 2001, vol. 1992, pp. 300–316. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  21. 21.
    Garay, J., MacKenzie, P.D., Yang, K.: Strengthening zero-knowledge protocols using signatures. In: Biham, E. (ed.) EUROCRYPT 2003, vol. 2656, pp. 177–194. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003, vol. 2656. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  23. 23.
    Kiayias, A., Tsiounis, Y., Yung, M.: Traceable signatures. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004, vol. 3027, pp. 571–589. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  24. 24.
    Kiayias, A., Yung, M.: Extracting group signatures from traitor tracing schemes. In: Biham, E. (ed.) EUROCRYPT 2003, vol. 2656, pp. 630–648. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  25. 25.
    Kiayias, A., Yung, M.: Group signatures: Provable security, efficient constructions and anonymity from trapdoor-holders. Cryptology ePrint Archive, Report 2004/076 (2004), http://eprint.iacr.org/
  26. 26.
    Kilian, J., Petrank, E.: Identity escrow. In: Krawczyk, H. (ed.) CRYPTO 1998, vol. 1462, pp. 169–185. Springer, Heidelberg (1998)Google Scholar
  27. 27.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)Google Scholar
  28. 28.
    Tsudik, G., Xu, S.: Accumulating composites and improved group signing. In: Laih, C.-S. (ed.) ASIACRYPT 2003, vol. 2894, pp. 269–286. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Aggelos Kiayias
    • 1
  • Moti Yung
    • 2
    • 3
  1. 1.Computer Science and EngineeringUniversity of ConnecticutStorrsUSA
  2. 2.RSA LaboratoriesBedford
  3. 3.Computer ScienceColumbia UniversityNew YorkUSA

Personalised recommendations