Short Dynamic Group Signature Scheme Supporting Controllable Linkability

The controllable linkability of group signatures introduced by Hwang et al. enables an entity who has a linking key to find whether or not two group signatures were generated by the same signer, while preserving the anonymity. This functionality is very useful in many applications that require the linkability but still need the anonymity, such as sybil attack detection in a vehicular ad hoc network and privacy-preserving data mining. In this paper, we present a new group signature scheme supporting the controllable linkability. The major advantage of this scheme is that the signature length is very short, even shorter than this in the best-known group signature scheme without supporting the linkability. We have implemented our scheme in both a Linux machine with an Intel Core2 Quad and an iPhone4. We compare the results with a number of existing group signature schemes. We also prove security features of our scheme, such as anonymity, traceability, nonframeability, and linkability, under a random oracle model.

[1]  Jan Camenisch,et al.  Compact E-Cash , 2005, EUROCRYPT.

[2]  Xavier Boyen,et al.  Expressive Subgroup Signatures , 2008, SCN.

[3]  Brent Waters,et al.  Full-Domain Subgroup Hiding and Constant-Size Group Signatures , 2007, Public Key Cryptography.

[4]  Ahmad-Reza Sadeghi,et al.  Linkable Democratic Group Signatures , 2006, IACR Cryptol. ePrint Arch..

[5]  Moti Yung,et al.  Short Traceable Signatures Based on Bilinear Pairings , 2006, IWSEC.

[6]  Sébastien Canard,et al.  List signature schemes , 2006, Discret. Appl. Math..

[7]  Joseph K. Liu,et al.  Separable Linkable Threshold Ring Signatures , 2004, INDOCRYPT.

[8]  Moti Yung,et al.  Efficient traceable signatures in the standard model , 2009, Theor. Comput. Sci..

[9]  Victor K.-W. Wei Tracing-by-Linking Group Signatures , 2005, ISC.

[10]  Jung Yeon Hwang,et al.  Short Group Signatures with Controllable Linkability , 2011, 2011 Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications.

[11]  Jacques Stern,et al.  Security Arguments for Digital Signatures and Blind Signatures , 2015, Journal of Cryptology.

[12]  Joseph K. Liu,et al.  Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups (Extended Abstract) , 2004, ACISP.

[13]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[14]  Jinhua Guo,et al.  A Group Signature Based Secure and Privacy-Preserving Vehicular Communication Framework , 2007, 2007 Mobile Networking for Vehicular Environments.

[15]  Yuguang Fang,et al.  An ID-based Framework Achieving Privacy and Non-Repudiation in Vehicular Ad Hoc Networks , 2007, MILCOM 2007 - IEEE Military Communications Conference.

[16]  Sherman S. M. Chow Real Traceable Signatures , 2009, Selected Areas in Cryptography.

[17]  David Pointcheval,et al.  Threshold Cryptosystems Secure against Chosen-Ciphertext Attacks , 2001, ASIACRYPT.

[18]  Shouhuai Xu,et al.  Accumulating Composites and Improved Group Signing , 2003, ASIACRYPT.

[19]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[20]  Padhraic Smyth,et al.  From Data Mining to Knowledge Discovery: An Overview , 1996, Advances in Knowledge Discovery and Data Mining.

[21]  Jens Groth,et al.  Fully Anonymous Group Signatures without Random Oracles , 2007, IACR Cryptol. ePrint Arch..

[22]  Jiangtao Li,et al.  Flexible and scalable digital signatures in TPM 2.0 , 2013, CCS.

[23]  Jan Camenisch,et al.  A General Certification Framework with Applications to Privacy-Enhancing Certificate Infrastructures , 2006, SEC.

[24]  Mihir Bellare,et al.  Foundations of Group Signatures: The Case of Dynamic Groups , 2005, CT-RSA.

[25]  Jiangtao Li,et al.  A Pairing-Based DAA Scheme Further Reducing TPM Resources , 2010, TRUST.

[26]  Mark Manulis,et al.  Democratic group signatures: on an example of joint ventures , 2006, ASIACCS '06.

[27]  Jan Camenisch,et al.  Efficient Attributes for Anonymous Credentials , 2012, TSEC.

[28]  Jonathan Katz,et al.  A Group Signature Scheme from Lattice Assumptions , 2010, IACR Cryptol. ePrint Arch..

[29]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[30]  Jan Camenisch,et al.  Get Shorty via Group Signatures without Encryption , 2010, SCN.

[31]  Bo Zhu,et al.  Anonymous User Communication for Privacy Protection in Wireless Metropolitan Mesh Networks , 2010, IEEE Transactions on Vehicular Technology.

[32]  Pin-Han Ho,et al.  An Efficient Message Authentication Scheme for Vehicular Communications , 2008, IEEE Transactions on Vehicular Technology.

[33]  Jiangtao Li,et al.  Simplified security notions of direct anonymous attestation and a concrete scheme from pairings , 2009, International Journal of Information Security.

[34]  Josep Domingo-Ferrer,et al.  Balanced Trustworthiness, Safety, and Privacy in Vehicle-to-Vehicle Communications , 2010, IEEE Transactions on Vehicular Technology.

[35]  Jung Yeon Hwang,et al.  Group signatures with controllable linkability for dynamic membership , 2013, Inf. Sci..

[36]  Ernest F. Brickell,et al.  Direct anonymous attestation , 2004, CCS '04.

[37]  Jan Camenisch,et al.  Anonymous credentials on a standard java card , 2009, CCS.

[38]  K. Paterson Advances in Elliptic Curve Cryptography: Cryptography from Pairings , 2005 .

[39]  Hyang-Sook Lee,et al.  Pairing-Friendly Curves with Minimal Security Loss by Cheon's Algorithm , 2011 .

[40]  Xiaodong Lin,et al.  An Efficient Pseudonymous Authentication Scheme With Strong Privacy Preservation for Vehicular Communications , 2010, IEEE Transactions on Vehicular Technology.

[41]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[42]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[43]  Brent Waters,et al.  Compact Group Signatures Without Random Oracles , 2006, EUROCRYPT.

[44]  Tsz Hon Yuen,et al.  Escrowed Linkability of Ring Signatures and Its Applications , 2006, VIETCRYPT.

[45]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[46]  Andreas Pashalidis,et al.  Relations among privacy notions , 2009, TSEC.

[47]  Dan Boneh,et al.  Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups , 2008, Journal of Cryptology.

[48]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[49]  Jacques Traoré,et al.  Fair Blind Signatures Revisited , 2007, Pairing.

[50]  Aggelos Kiayias,et al.  Group Signatures with Efficient Concurrent Join , 2005, EUROCRYPT.

[51]  Vitaly Shmatikov,et al.  Information Hiding, Anonymity and Privacy: a Modular Approach , 2004, J. Comput. Secur..

[52]  Huaxiong Wang,et al.  Lattice-based Group Signature Scheme with Verifier-local Revocation , 2014, IACR Cryptol. ePrint Arch..

[53]  David Pointcheval,et al.  Dynamic Fully Anonymous Short Group Signatures , 2006, VIETCRYPT.

[54]  Bernd Meyer,et al.  Attacking Unlinkability: The Importance of Context , 2007, Privacy Enhancing Technologies.