Escrow free attribute-based signature with self-revealability

A major limitation of attribute-based cryptographic primitives is that a curious attribute authority (AA) can simply generate a user's private key to sign or decrypt messages on behalf of this user. With this in mind, different from existing techniques for mitigating the key escrow problem by adopting multiple AAs to generate the attribute-based private key in the attribute-based setting, we make use of a key extraction protocol to replace the key generation algorithm in attributed-based signature (ABS), from which the key generation center (KGC) cannot forge a signature on behalf of a legal user with attributes satisfying the corresponding predicate, despite the the participation in generating the signing key. In addition, considering that the signer anonymous property of ABS makes it difficult for a signer (when necessary) to present evidence to the verifier that a signature is created under his/her signing key, especially in the circumstance where the user uniquely knows his/her private key, we append a signer revelation protocol to our ABS system to enable a user to confirm or deny his/her identity of producing an attribute-based signature. Given these concerns, we define a formal model to capture such a system architecture of ABS called escrow free ABS with self-revealability, and provide a concrete construction.

[1]  Jin Li,et al.  Attribute-Based Ring Signatures , 2008, IACR Cryptol. ePrint Arch..

[2]  Manoj Prabhakaran,et al.  Attribute-Based Signatures , 2011, CT-RSA.

[3]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[4]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[5]  Tatsuaki Okamoto,et al.  Decentralized Attribute-Based Signatures , 2013, Public Key Cryptography.

[6]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[7]  Sherman S. M. Chow Removing Escrow from Identity-Based Encryption , 2009, Public Key Cryptography.

[8]  David Chaum,et al.  Blind Signature System , 1983, CRYPTO.

[9]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[10]  Ali El Kaafarani,et al.  Decentralized Traceable Attribute-Based Signatures , 2014, CT-RSA.

[11]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[12]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[13]  Paz Morillo,et al.  Revocable Attribute-Based Signatures with Adaptive Security in the Standard Model , 2011, AFRICACRYPT.

[14]  Yehuda Lindell,et al.  An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries , 2007, Journal of Cryptology.

[15]  Dongqing Xie,et al.  Attribute-based signature and its applications , 2010, ASIACCS '10.

[16]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[17]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[18]  Dalia Khader,et al.  Attribute Based Group Signatures , 2007, IACR Cryptol. ePrint Arch..

[19]  Brent Waters,et al.  Black-box accountable authority identity-based encryption , 2008, CCS.

[20]  Tsz Hon Yuen,et al.  Forward Secure Attribute-Based Signatures , 2012, ICICS.

[21]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signatures and Their Application to Anonymous Credential Systems , 2009, AFRICACRYPT.

[22]  Vipul Goyal,et al.  Reducing Trust in the PKG in Identity Based Cryptosystems , 2007, CRYPTO.

[23]  Tatsuaki Okamoto,et al.  Efficient Attribute-Based Signatures for Non-Monotone Predicates in the Standard Model , 2014, IEEE Transactions on Cloud Computing.

[24]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[25]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[26]  Yi Mu,et al.  How to construct identity-based signatures without the key escrow problem , 2009, International Journal of Information Security.

[27]  Joseph K. Liu,et al.  Traceable and Retrievable Identity-Based Encryption , 2008, ACNS.

[28]  Xavier Boyen,et al.  Mesh Signatures , 2007, EUROCRYPT.

[29]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[30]  Markulf Kohlweiss,et al.  P-signatures and Noninteractive Anonymous Credentials , 2008, TCC.