A Selectable k-Times Relaxed Anonymous Authentication Scheme

In a k-Times Anonymous Authentication (k-TAA) scheme, Application Providers (APs) authenticates each group member in k times. A user can preserve his/her own privacy and an AP can restrict the number of used services to just k-times, since users are identified if they access an AP more than k times. In all previous schemes, each AP assumes the same k for all users. Added to this, total anonymity of unlinkability requires large computation amount such as pairing computations compared with non-anonymous schemes. In this paper, we propose a selectable k-TAA scheme with relaxed anonymity. Relaxed anonymity is an intermediate level of privacy required between total anonymity and linkability, where authentication executions for the same AP are linkable, but an authentication execution with an AP v 0 and an authentication execution with an AP v 1 (v 0 ? v 1) are unlinkable. Our authentication algorithm is efficient than existing ones thanks to this relaxed notion.

[1]  A. Miyaji,et al.  New Explicit Conditions of Elliptic Curve Traces for FR-Reduction , 2001 .

[2]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[3]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[4]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[5]  Reihaneh Safavi-Naini,et al.  Dynamic k-Times Anonymous Authentication , 2005, ACNS.

[6]  Stanislaw Jarecki,et al.  Cryptographic Primitives Enforcing Communication and Storage Complexity , 2002, Financial Cryptography.

[7]  Victor K.-W. Wei,et al.  Short Linkable Ring Signatures for E-Voting, E-Cash and Attestation , 2005, ISPEC.

[8]  Goichiro Hanaoka,et al.  On the Theoretical Gap between Group Signatures with and without Unlinkability , 2009, AFRICACRYPT.

[9]  Lan Nguyen Efficient Dynamic k-Times Anonymous Authentication , 2006, VIETCRYPT.

[10]  Yi Mu,et al.  Constant-Size Dynamic k-TAA , 2006, SCN.

[11]  David Pointcheval,et al.  Dynamic Fully Anonymous Short Group Signatures , 2006, VIETCRYPT.

[12]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, CRYPTO.

[13]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[14]  Kazue Sako,et al.  k-Times Anonymous Authentication (Extended Abstract) , 2004, ASIACRYPT.

[15]  Kazue Sako,et al.  k-Times Anonymous Authentication with a Constant Proving Cost , 2006, Public Key Cryptography.

[16]  Dan Boneh,et al.  Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups , 2008, Journal of Cryptology.