Advertisement

Batch Groth–Sahai

  • Olivier Blazy
  • Georg Fuchsbauer
  • Malika Izabachène
  • Amandine Jambert
  • Hervé Sibert
  • Damien Vergnaud
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6123)

Abstract

In 2008, Groth and Sahai proposed a general methodology for constructing non-interactive zero-knowledge (and witness-indistinguishable) proofs in bilinear groups. While avoiding expensive NP-reductions, these proof systems are still inefficient due to the number of pairing computations required for verification. We apply recent techniques of batch verification to the Groth-Sahai proof systems and succeed to improve significantly the complexity of proof verification. We give explicit batch-verification formulas for generic Groth-Sahai equations (whose cost is less than a tenth of the original) as well as for specific popular protocols relying on their methodology (namely Groth’s group signatures and the P-signatures by Belenkiy, Chase, Kohlweiss and Lysyanskaya).

Keywords

Pairing-based cryptography Batch verification Groth-Sahai proof system 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [ACHdM05]
    Ateniese, G., Camenisch, J., Hohenberger, S., de Medeiros, B.: Practical group signatures without random oracles. Cryptology ePrint Archive, Report 2005/385 (2005)Google Scholar
  2. [BB08]
    Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptology 21(2), 149–177 (2008)zbMATHCrossRefMathSciNetGoogle Scholar
  3. [BBS04]
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)Google Scholar
  4. [BCC+09]
    Belenkiy, M., Camenisch, J., Chase, M., Kohlweiss, M., Lysyanskaya, A., Shacham, H.: Randomizable proofs and delegatable anonymous credentials. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 108–125. Springer, Heidelberg (2009)Google Scholar
  5. [BCKL08]
    Belenkiy, M., Chase, M., Kohlweiss, M., Lysyanskaya, A.: P-signatures and noninteractive anonymous credentials. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 356–374. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  6. [BCKL09]
    Belenkiy, M., Chase, M., Kohlweiss, M., Lysyanskaya, A.: Compact E-cash and simulatable vRFs revisited. In: Shacham, H. (ed.) PAIRING 2009. LNCS, vol. 5671, pp. 114–131. Springer, Heidelberg (2009)Google Scholar
  7. [BFI+10]
    Blazy, O., Fuchsbauer, G., Izabachène, M., Jambert, A., Sibert, H., Vergnaud, D.: Batch Groth-Sahai. Cryptology ePrint Archive, Report 2010/040 (2010)Google Scholar
  8. [BFM90]
    Blum, M., Feldman, P., Micali, S.: Proving security against chosen cyphertext attacks. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 256–268. Springer, Heidelberg (1990)Google Scholar
  9. [BFPW07]
    Boldyreva, A., Fischlin, M., Palacio, A., Warinschi, B.: A closer look at PKI: Security and efficiency. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 458–475. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. [BGN05]
    Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005)Google Scholar
  11. [BGR98]
    Bellare, M., Garay, J.A., Rabin, T.: Fast batch verification for modular exponentiation and digital signatures. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 236–250. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  12. [BR93]
    Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM CCS 93 Conference on Computer and Communications Security, pp. 62–73. ACM Press, New York (1993)CrossRefGoogle Scholar
  13. [BSZ05]
    Bellare, M., Shi, H., Zhang, C.: Foundations of group signatures: The case of dynamic groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005)Google Scholar
  14. [BW06]
    Boyen, X., Waters, B.: Compact group signatures without random oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 427–444. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. [BW07]
    Boyen, X., Waters, B.: Full-domain subgroup hiding and constant-size group signatures. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 1–15. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. [CGH98]
    Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited (preliminary version). In: 30th ACM STOC, pp. 209–218. ACM Press, New York (1998)Google Scholar
  17. [CGS07]
    Chandran, N., Groth, J., Sahai, A.: Ring signatures of sub-linear size without random oracles. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 423–434. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. [CHP07]
    Camenisch, J., Hohenberger, S., Pedersen, M.Ø.: Batch verification of short signatures. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 246–263. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  19. [FGHP09]
    Ferrara, A.L., Green, M., Hohenberger, S., Pedersen, M.Ø.: Practical short signature batch verification. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 309–324. Springer, Heidelberg (2009)Google Scholar
  20. [Fia90]
    Fiat, A.: Batch RSA. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 175–185. Springer, Heidelberg (1990)Google Scholar
  21. [FPV09]
    Fuchsbauer, G., Pointcheval, D., Vergnaud, D.: Transferable constant-size fair e-cash. In: Miyaji, A., Echizen, I., Okamoto, T. (eds.) CANS 2009. LNCS, vol. 5888, pp. 226–247. Springer, Heidelberg (2009)Google Scholar
  22. [GL07]
    Groth, J., Lu, S.: A non-interactive shuffle with pairing based verifiability. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 51–67. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  23. [GPS08]
    Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Applied Mathematics 156(16), 3113–3121 (2008)zbMATHCrossRefMathSciNetGoogle Scholar
  24. [Gro07]
    Groth, J.: Fully anonymous group signatures without random oracles. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 164–180. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. [GS06]
    Granger, R., Smart, N.P.: On Computing Products of Pairings. Cryptology ePrint Archive, Report 2006/172 (2006)Google Scholar
  26. [GS08]
    Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  27. [GSW09]
    Ghadafi, E., Smart, N.P., Warinschi, B.: Groth–sahai proofs revisited. Cryptology ePrint Archive, Report 2009/599 (2009)Google Scholar
  28. [Mat09]
    Matt, B.J.: Identification of multiple invalid signatures in pairing-based batched signatures. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 337–356. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  29. [NMVR94]
    Naccache, D., M’Raïhi, D., Vaudenay, S., Raphaeli, D.: Can D.S.A. be improved? complexity trade-offs with the digital signature standard. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 77–85. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  30. [PMPS00]
    Pastuszak, J., Michatek, D., Pieprzyk, J., Seberry, J.: Identification of bad signatures in batches. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 28–45. Springer, Heidelberg (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Olivier Blazy
    • 1
  • Georg Fuchsbauer
    • 1
  • Malika Izabachène
    • 2
  • Amandine Jambert
    • 3
    • 4
  • Hervé Sibert
    • 5
  • Damien Vergnaud
    • 1
  1. 1.École normale supérieure-CNRS-INRIAParis Cedex 05France
  2. 2.Université de VersaillesVersaillesFrance
  3. 3.Orange Labs R&DCaen CedexFrance
  4. 4.IMBUniversité Bordeaux 1TalenceFrance
  5. 5.ST-EricssonLe Mans Cedex 9France

Personalised recommendations