Forward-Secure Group Signatures from Pairings

To reduce the damage of key exposures, forward-secure group signature schemes have been first proposed by Song. In the forward-secure schemes, a secret key of a group member is updated by a one-way function every interval and the previous secret key is erased. Thus, even if a secret key is exposed, the signatures produced by the secret keys of previous intervals remain secure. Since the previous forward-secure group signature schemes are based on the strong RSA assumption, the signatures are longer than pairing-based group signatures. In addition, the complexity of the key update or signing/verification is O (T ), where T is the total number of intervals. In this paper, a forward-secure group signature scheme from pairings is proposed. The complexity of our key update and signing/verification is O (logT ).

[1]  Brent Waters,et al.  Full-Domain Subgroup Hiding and Constant-Size Group Signatures , 2007, Public Key Cryptography.

[2]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[3]  Dawn Xiaodong Song,et al.  Practical forward secure group signature schemes , 2001, CCS '01.

[4]  Hideki Imai,et al.  An Efficient Group Signature Scheme from Bilinear Maps , 2005, ACISP.

[5]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[6]  Jianhong Zhang,et al.  A Novel Efficient Group Signature Scheme with Forward Security , 2003, ICICS.

[7]  Nigel P. Smart,et al.  On Computing Products of Pairings , 2006, IACR Cryptol. ePrint Arch..

[8]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[9]  Kazue Sako,et al.  Using group signatures for identity management and its implementation , 2006, DIM '06.

[10]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[11]  Paulo S. L. M. Barreto,et al.  Efficient pairing computation on supersingular Abelian varieties , 2007, IACR Cryptol. ePrint Arch..

[12]  Ran Canetti,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[13]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[14]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[15]  Frederik Vercauteren,et al.  The Eta Pairing Revisited , 2006, IEEE Transactions on Information Theory.

[16]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[17]  Ernest F. Brickell,et al.  Direct anonymous attestation , 2004, CCS '04.

[18]  Guilin Wang,et al.  On the Security of a Group Signature Scheme with Forward Security , 2003, ICISC.

[19]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[20]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[21]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.