Advertisement

k-Times Anonymous Authentication with a Constant Proving Cost

  • Isamu Teranishi
  • Kazue Sako
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3958)

Abstract

A k-Times Anonymous Authentication (k-TAA) scheme allows users to be authenticated anonymously so long as the number of times that they are authenticated is within an allowable number. Some promising applications are e-voting, e-cash, e-coupons, and trial browsing of contents. However, the previous schemes are not efficient in the case where the allowable number k is large, since they require both users and verifiers to compute O(k) exponentiation in each authentication. We propose a k-TAA scheme where the numbers of exponentiations required for the entities in an authentication are independent of k. Moreover, we propose a notion of public detectability in a k-TAA scheme and present an efficient publicly verifiable k-TAA scheme, where the number of modular exponentiations required for the entities is O(log(k)).

Keywords

k-times anonymous authentication efficiency public verifiability 
Download to read the full conference paper text

References

  1. [ACJT00]
    Ateniese, G., Camenisch, J.L., Joye, M., Tsudik, G.: A Practical and Provably Secure Coalition-Resistant Group Signature Scheme. In: Bellare, M. (ed.) CRYPTO 2000, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)Google Scholar
  2. [AF96]
    Abe, F.: How to Date Blind Signatures. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 244–251. Springer, Heidelberg (1996)Google Scholar
  3. [AM03]
    Medeiros, A.: Efficient Group Signatures without Trapdoors. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 246–268. Springer, Heidelberg (2003)Google Scholar
  4. [BCK03]
    Bellare, Canetti, Krawczyk: Pseudorandom functions revisited: The cascade construction and its concrete security. In: FOCS 1996, pp. 514–523 (1996)Google Scholar
  5. [BMW03]
    Bellare, Micciancio, Warinschi: Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003)Google Scholar
  6. [BSZ05]
    Bellare, M., Shi, H., Zhang, C.: Foundations of Group Signatures: The Case of Dynamic Groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005)Google Scholar
  7. [BB04]
    Boneh, D., Boyen, X.: Short Signatures Without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)Google Scholar
  8. [BBS04]
    Boneh, D., Boyen, X., Shacham, H.: Short Group Signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)Google Scholar
  9. [B00]
    Boudot, F.: Efficient Proofs that a Committed Number Lies in an Interval. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 431–444. Springer, Heidelberg (2000)Google Scholar
  10. [B93]
    Brands. An Efficient Off-line Electronic Cash System Based On The Representation Problem. TR. CS-R9323, Centrum voor Wiskunde en InformaticaGoogle Scholar
  11. [BCC04]
    Brickell, Camenisch, Chen: Direct Anonymous Attestation. In: ACMCCS 2004, pp. 132–145 (2004)Google Scholar
  12. [CDS94]
    Cramer, R., Damgård, I.B., Schoenmakers, B.: Proof of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  13. [CFT98]
    Chan, A.H., Frankel, Y., Tsiounis, Y.: Easy Come - Easy Go Divisible Cash. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 614–629. Springer, Heidelberg (1998)Google Scholar
  14. [CG04]
    Camenisch, J.L., Groth, J.: Group Signatures: Better Efficiency and New Theoretical Aspects. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 120–133. Springer, Heidelberg (2005)Google Scholar
  15. [CHL05]
    Camenisch, J.L., Hohenberger, S., Lysyanskaya, A.: Compact E-Cash. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 302–321. Springer, Heidelberg (2005)Google Scholar
  16. [CL02]
    Camenisch, J.L., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)Google Scholar
  17. [CL04]
    Camenisch, J.L., Lysyanskaya, A.: Signature Schemes and Anonymous Credentials from Bilinear Maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)Google Scholar
  18. [CH91]
    Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)Google Scholar
  19. [CP92]
    Chaum, D., Pedersen, T.P.: Transferred Cash Grows in Size. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 390–407. Springer, Heidelberg (1993)Google Scholar
  20. [CT03]
    Canard, T.: List Signature Schemes and Application to Electronic Voting. In: International Workshop on Coding and Cryptography 2003, pp. 24–28 (2003)Google Scholar
  21. [CT04]
    Canard, S., Stam, T.: List Signature Schemes. Special Issue of the Journal Discrete Applied mathematics (2005)Google Scholar
  22. [DJ01]
    Jurik, D.: A Generalization, a Simplification and Some Applications of Paillier’s Probabilistic Public-key system. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 119–136. Springer, Heidelberg (2001)Google Scholar
  23. [DN02]
    Damgård, I.B., Nielsen, J.B.: Expanding Pseudorandom Functions; or: From Known-Plaintext Security to Chosen-Plaintext Security. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 449–464. Springer, Heidelberg (2002)Google Scholar
  24. [DY05]
    Dodis, Y., Yampolskiy, A.: A Verifiable Random Function with Short Proofs and Keys. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 416–431. Springer, Heidelberg (2005)Google Scholar
  25. [FI05]
    Furukawa, J., Imai, H.: An Efficient Group Signature Scheme from Bilinear Maps. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 455–467. Springer, Heidelberg (2005)Google Scholar
  26. [FS01]
    Furukawa, J., Sako, K.: An Efficient Scheme for Proving a Shuffle. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 368–387. Springer, Heidelberg (2001)Google Scholar
  27. [GGM86]
    Goldreich, Goldwasser, Micali: How to construct random function. J.ACM 33(4), 797–807 (1986)Google Scholar
  28. [KY04]
    Kiayias, Y.: Group Signatures: Provable Secure, Efficient Constructions and Anonymity from Trapdoor Holders (2004), http://eprint.iacr.org/2004/076.ps
  29. [KY05]
    Kiayias, A., Yung, M.: Group Signatures with Efficient Concurrent Join. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 198–214. Springer, Heidelberg (2005), http://eprint.iacr.org/2005/345
  30. [MSK02]
    Mitsunari, Sakai, Kasahara: A new traitor tracing. IEICE Trans. 85(2), 481–484 (2002)Google Scholar
  31. [NHS99]
    Nakanishi, T., Haruna, N., Sugiyama, Y.: Unlinkable Electronic Coupon Protocol with Anonymity Control. In: Zheng, Y., Mambo, M. (eds.) ISW 1999. LNCS, vol. 1729, pp. 37–46. Springer, Heidelberg (1999)Google Scholar
  32. [NR97]
    Reingold, N.: Number-Theoretic Constructions of Efficient Pseudo- Random Functions. In: FOCS 1997, pp. 458–467 (1997)Google Scholar
  33. [NN04]
    Nguyen, L., Safavi-Naini, R.: Efficient and Provably Secure Trapdoor-free Group Signature Schemes from Bilinear Pairings. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 372–386. Springer, Heidelberg (2004)Google Scholar
  34. [NN05]
    Nguyen, L., Safavi-Naini, R.: Dynamic k-Times Anonymous Authentication. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 318–333. Springer, Heidelberg (2005)Google Scholar
  35. [Neff01]
    Neff: A Verifiable Secret Shuffle and its Application to E-Voting. In: ACMCCS 2001, pp. 116–125 (2001)Google Scholar
  36. [OO98]
    Okamoto, T., Ohta: One-Time Zero-Knowledge Authentications and Their Applications to Untraceable Electronic Cash. IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences 81(1), 2–10 (1998)Google Scholar
  37. [OMAFO99]
    Ohkubo, M., Miura, F., Abe, M., Fujioka, A., Okamoto, T.: An improvement of a practical secret voting scheme. In: Zheng, Y., Mambo, M. (eds.) ISW 1999. LNCS, vol. 1729, pp. 37–46. Springer, Heidelberg (1999)Google Scholar
  38. [PBF99]
    Pavlovski, C., Boyd, C., Foo, E.: Detachable Electronic Coins. In: Varadharajan, V., Mu, Y. (eds.) ICICS 1999. LNCS, vol. 1726, pp. 54–70. Springer, Heidelberg (1999)Google Scholar
  39. [P91]
    Pedersen, T.P.: A Threshold Cryptosystem without a Trusted Party. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 522–526. Springer, Heidelberg (1991)Google Scholar
  40. [S00]
    Sako: Restricted Anonymous Participation. In: SCIS 2000, B12 (Japanese)Google Scholar
  41. [SK94]
    Sako, K., Kilian, J.: Secure Voting using Partially Compatible Homomorphisms. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 411–424. Springer, Heidelberg (1994)Google Scholar
  42. [TF03]
    Teranishi, I., Furukawa, J.: Tag Signature. In: SCIS 2003, 6C-2 (2003) (Japanese. Preliminary version of [TFS04])Google Scholar
  43. [TFS04]
    Teranishi, I., Furukawa, J., Sako, K.: k-Times Anonymous Authentication. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 308–322. Springer, Heidelberg (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Isamu Teranishi
    • 1
  • Kazue Sako
    • 1
  1. 1.NEC CorporationJapan

Personalised recommendations

Cite paper