
Signatures with Flexible Public Key: Introducing Equivalence Classes for Public Keys

  • Michael Backes
  • Lucjan Hanzlik
  • Kamil Kluczniak
  • Jonas Schneider
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11273)

Abstract

We introduce a new cryptographic primitive called signatures with flexible public key \((\mathsf{SFPK})\). We divide the key space into equivalence classes induced by a relation \(\mathcal{R}\). A signer can efficiently change his or her key pair to a different representative of the same class, but without a trapdoor it is hard to distinguish if two public keys are related. Our primitive is motivated by structure-preserving signatures on equivalence classes (\(\mathsf{SPS\text{-}EQ}\)), where the partitioning is done on the message space. Therefore, both definitions are complementary and their combination has various applications.

We first show how to efficiently construct static group signatures and self-blindable certificates by combining the two primitives. When properly instantiated, the result is a group signature scheme that has a shorter signature size than the current state-of-the-art scheme by Libert, Peters, and Yung from Crypto’15, but is secure in the same setting.

In its own right, our primitive has stand-alone applications in the cryptocurrency domain, where it can be seen as a straightforward formalization of so-called stealth addresses. Finally, it can be used to build the first efficient ring signature scheme in the plain model without trusted setup, where signature size depends only sub-linearly on the number of ring members. Thus, we solve an open problem stated by Malavolta and Schröder at ASIACRYPT’2017.

Keywords

  • Flexible Public Key
  • Equivalence classes
  • Stealth addresses
  • Ring signatures
  • Group signatures

Notes

Acknowledgments

This work was supported by the German Federal Ministry of Education and Research (BMBF) through funding for CISPA and the CISPA-Stanford Center for Cybersecurity (FKZ: 16KIS0762).

References

  1. Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: di Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005). https://doi.org/10.1007/11555827_10
  2. Attrapadung, N., Libert, B., Peters, T.: Efficient completely context-hiding quotable and linearly homomorphic signatures. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 386–404. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_24
  3. Backes, M., Hanzlik, L., Kluczniak, K., Schneider, J.: Signatures with Flexible Public Key: Introducing Equivalence Classes for Public Keys. Cryptology ePrint Archive, Report 2018/191 (2018)
  4. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). https://doi.org/10.1007/11693383_22
  5. Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_38
  6. Bender, A., Katz, J., Morselli, R.: Ring signatures: stronger definitions, and constructions without random oracles. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 60–79. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_4
  7. Bichsel, P., Camenisch, J., Neven, G., Smart, N.P., Warinschi, B.: Get shorty via group signatures without encryption. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 381–398. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15317-4_24
  8. Blazy, O., Fuchsbauer, G., Pointcheval, D., Vergnaud, D.: Signatures on randomizable ciphertexts. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 403–422. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_25
  9. Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28628-8_3
  10. Boneh, D., Freeman, D., Katz, J., Waters, B.: Signing a linear subspace: signature schemes for network coding. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 68–87. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00468-1_5
  11. Boneh, D., Shen, E., Waters, B.: Strongly unforgeable signatures based on computational Diffie-Hellman. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 229–240. Springer, Heidelberg (2006). https://doi.org/10.1007/11745853_15
  12. Boyen, X.: Mesh signatures. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 210–227. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72540-4_12
  13. Boyen, X., Waters, B.: Full-domain subgroup hiding and constant-size group signatures. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 1–15. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-71677-8_1
  14. Camenisch, J., Groth, J.: Group signatures: better efficiency and new theoretical aspects. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 120–133. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30598-9_9
  15. Chandran, N., Groth, J., Sahai, A.: Ring signatures of sub-linear size without random oracles. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 423–434. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73420-8_38
  16. Chase, M., Kohlweiss, M., Lysyanskaya, A., Meiklejohn, S.: Malleable signatures: new definitions and delegatable anonymous credentials. In: CSF 2014. IEEE Computer Society (2014)
  17. Chatterjee, S., Menezes, A.: On cryptographic protocols employing asymmetric pairings - the role of revisited. Discret. Appl. Math. 159(13), 1311–1322 (2011)
  18. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-46416-6_22
  19. Chow, S.S.M., Wei, V.K.-W., Liu, J.K., Yuen, T.H.: Ring signatures without random oracles. In: Lin, F.-C., Lee, D.-T., Paul, B.-S.P., Lin, Shieh, S., Jajodia, S. (eds.) ASIACCS 2006. ACM (2006)
  20. Courtois, N.T., Mercer, R.: Stealth address and key management techniques in blockchain systems. In: Mori, P., Furnell, S., Camp, O. (eds.) ICISSP 2017. SciTePress (2017)
  21. Damgård, I., Nielsen, J.B.: Improved non-committing encryption schemes based on a general complexity assumption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 432–450. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_27
  22. Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 301–330. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_12
  23. Fuchsbauer, G., Gay, R.: Weakly Secure Equivalence-Class Signatures from Standard Assumptions. Cryptology ePrint Archive, Report 2018/037 (2018)
  24. Fuchsbauer, G., Hanser, C., Slamanig, D.: EUF-CMA-Secure Structure-Preserving Signatures on Equivalence Classes. Cryptology ePrint Archive, Report 2014/944 (2014)
  25. Fuchsbauer, G., Hanser, C., Slamanig, D.: Practical round-optimal blind signatures in the standard model. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 233–253. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_12
  26. Ghadafi, E., Smart, N.P., Warinschi, B.: Groth–Sahai proofs revisited. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 177–192. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13013-7_11
  27. Groth, J., Ostrovsky, R., Sahai, A.: Non-interactive zaps and new techniques for NIZK. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 97–111. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_6
  28. Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_24
  29. Hanser, C., Slamanig, D.: Structure-preserving signatures on equivalence classes and their application to anonymous credentials. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 491–511. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_26
  30. Hofheinz, D., Kiltz, E.: Programmable hash functions and their applications. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 21–38. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_2
  31. Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45760-7_17
  32. Libert, B., Peters, T., Yung, M.: Short group signatures via structure-preserving signatures: standard model security from simple assumptions. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 296–316. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_15
  33. Libert, B., Vergnaud, D.: Multi-use unidirectional proxy resignatures. In: Ning, P., Syverson, P.F., Jha, S. (eds.) CCS 2008. ACM (2008)
  34. Malavolta, G., Schröder, D.: Efficient ring signatures in the standard model. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 128–157. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_5
  35. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf
  36. Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_32
  37. van Saberhagen, N.: CryptoNote v 2.0., October 2013. https://cryptonote.org/whitepaper.pdf
  38. Shacham, H., Waters, B.: Efficient ring signatures without random oracles. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 166–180. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-71677-8_12
  39.
  40. Verheul, E.R.: Self-blindable credential certificates from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 533–551. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_31
  41. Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_7

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  • Michael Backes (1, 3)
  • Lucjan Hanzlik (2, 3)
  • Kamil Kluczniak (1, 3, 4)
  • Jonas Schneider (2, 3)

  1. CISPA Helmholtz Center (i.G.) GmbH, Saarbrücken, Germany
  2. CISPA, Saarland University, Saarbrücken, Germany
  3. Saarland Informatics Campus, Saarbrücken, Germany
  4. Department of Computing, The Hong Kong Polytechnic University, Kowloon, Hong Kong
