A Revocable Group Signature Scheme from Identity-Based Revocation Techniques: Achieving Constant-Size Revocation List

Any multi-user cryptographic primitives need revocation since a legitimate user may quit the organization, or may turn to be malicious, or the key may be leaked. In the group signature context, usually group manager publishes the revocation list that contains revocation tokens. Since signers/verifiers need to obtain the revocation list in each revocation epoch for generating/verifying a group signature, a small-size revocation list is really important in practice. However, all previous revocable group signatures require at least O(r)-size revocation list, where r is the number of revoked users. In this paper, we propose the first revocable group signature scheme with the constant size revocation list from identity-based revocation (IBR) techniques. We use an IBR scheme proposed by Attrapadung-Libert-Panafieu (PKC2011) as a building block. Although the maximum number of the revoked users needs to be fixed in the setup phase, however, the maximum number of group members is potentially unbounded (as in IBR). This property has not been achieved in the recent scalable revocable group signature schemes, and seems to be of independent interest.

[1]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[2]  Phong Q. Nguyen Progress in Cryptology - VIETCRYPT 2006 , 2007 .

[3]  Masayuki Abe,et al.  Signing on Elements in Bilinear Groups for Modular Protocol Design , 2010, IACR Cryptol. ePrint Arch..

[4]  Jens Groth,et al.  Simulation-Sound NIZK Proofs for a Practical Language and Constant Size Group Signatures , 2006, ASIACRYPT.

[5]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[6]  Rosario Gennaro,et al.  Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings , 2011, Public Key Cryptography.

[7]  Nuttapong Attrapadung,et al.  Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts , 2011, Public Key Cryptography.

[8]  Nigel P. Smart,et al.  Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings , 2008, EUROCRYPT.

[9]  Yevgeniy Dodis,et al.  Public Key Broadcast Encryption for Stateless Receivers , 2002, Digital Rights Management Workshop.

[10]  Moti Yung,et al.  Group Signatures with Almost-for-Free Revocation , 2012, CRYPTO.

[11]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[12]  Nobuo Funabiki,et al.  Revocable Group Signatures with Compact Revocation List Using Accumulators , 2013, ICISC.

[13]  Stanislaw Jarecki,et al.  Public Key Cryptography – PKC 2009 , 2009, Lecture Notes in Computer Science.

[14]  Aggelos Kiayias,et al.  Secure scalable group signature with dynamic joins and separable authorities , 2006, Int. J. Secur. Networks.

[15]  Mark Manulis,et al.  Cryptology and Network Security , 2012, Lecture Notes in Computer Science.

[16]  Aggelos Kiayias,et al.  Group Signatures: Provable Security, Efficient Constructions and Anonymity from Trapdoor-Holders , 2004, IACR Cryptol. ePrint Arch..

[17]  Moti Yung,et al.  Scalable Group Signatures with Revocation , 2012, EUROCRYPT.

[18]  Georg Fuchsbauer,et al.  Structure-Preserving Signatures and Commitments to Group Elements , 2010, CRYPTO.

[19]  Javier Herranz,et al.  Attribute-based encryption schemes with constant-size ciphertexts , 2012, Theor. Comput. Sci..

[20]  Xavier Boyen,et al.  The Uber-Assumption Family , 2008, Pairing.

[21]  Hideki Imai,et al.  An Efficient Group Signature Scheme from Bilinear Maps , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[22]  Nobuo Funabiki,et al.  Revocable Group Signature Schemes with Constant Costs for Signing and Verifying , 2009, Public Key Cryptography.

[23]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[24]  David Pointcheval,et al.  Dynamic Fully Anonymous Short Group Signatures , 2006, VIETCRYPT.

[25]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[26]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[27]  Kenneth G. Paterson,et al.  Security of Symmetric Encryption in the Presence of Ciphertext Fragmentation , 2012, IACR Cryptol. ePrint Arch..

[28]  Kaoru Kurosawa,et al.  Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings , 2007, International Conference on the Theory and Application of Cryptology and Information Security.

[29]  Daesung Kwon,et al.  Information Security and Cryptology – ICISC 2012 , 2012, Lecture Notes in Computer Science.

[30]  Jens Groth,et al.  Fully Anonymous Group Signatures without Random Oracles , 2007, IACR Cryptol. ePrint Arch..

[31]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[32]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[33]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[34]  Kefei Chen,et al.  Advances in Cryptology - ASIACRYPT 2006, 12th International Conference on the Theory and Application of Cryptology and Information Security, Shanghai, China, December 3-7, 2006, Proceedings , 2006, ASIACRYPT.

[35]  Steven D. Galbraith,et al.  Pairing-Based Cryptography - Pairing 2008, Second International Conference, Egham, UK, September 1-3, 2008. Proceedings , 2008, Pairing.

[36]  Dan Boneh,et al.  Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups , 2008, Journal of Cryptology.

[37]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[38]  Moti Yung,et al.  Concise Mercurial Vector Commitments and Independent Zero-Knowledge Sets with Short Proofs , 2010, TCC.

[39]  Allison Bishop,et al.  Revocation Systems with Very Small Private Keys , 2010, 2010 IEEE Symposium on Security and Privacy.

[40]  Benoît Libert,et al.  Group Signatures with Verifier-Local Revocation and Backward Unlinkability in the Standard Model , 2009, CANS.

[41]  Ran Canetti,et al.  Advances in Cryptology – CRYPTO 2012 , 2012, Lecture Notes in Computer Science.

[42]  Tal Rabin Advances in Cryptology - CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings , 2010, CRYPTO.

[43]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[44]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[45]  T. Nakanishi,et al.  Efficient Proofs for CNF Formulas on Attributes in Pairing-Based Anonymous Credential System , 2013 .

[46]  Yehuda Lindell,et al.  More Efficient Constant-Round Multi-Party Computation from BMR and SHE , 2016, IACR Cryptol. ePrint Arch..

[47]  Mark Manulis,et al.  Group Signature with Constant Revocation Costs for Signers and Verifiers , 2011, CANS.

[48]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[49]  Eike Kiltz,et al.  Chosen-Ciphertext Security from Tag-Based Encryption , 2006, TCC.