Accountable Metadata-Hiding Escrow: A Group Signature Case Study

Abstract A common approach to demands for lawful access to encrypted data is to allow a trusted third party (TTP) to gain access to private data. However, there is no way to verify that this trust is well placed as the TTP may open all messages indiscriminately. Moreover, existing approaches do not scale well when, in addition to the content of the conversation, one wishes to hide one’s identity. Given the importance of metadata this is a major problem. We propose a new approach in which users can retroactively verify cryptographically whether they were wiretapped. As a case study, we propose a new signature scheme that can act as an accountable replacement for group signatures, accountable forward and backward tracing signatures.

[1]  Craig Gentry,et al.  Pinocchio: Nearly Practical Verifiable Computation , 2013, IEEE Symposium on Security and Privacy.

[2]  A. Juels,et al.  Universal Re-encryption for Mixnets , 2004, CT-RSA.

[3]  Holger Vogt,et al.  Auditable Tracing with Unconditional Anonymity , 2001 .

[4]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[5]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[6]  Kaoru Kurosawa,et al.  Multi-recipient Public-Key Encryption with Shortened Ciphertext , 2002, Public Key Cryptography.

[7]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[8]  Tibor Jager,et al.  Tightly secure signatures and public-key encryption , 2012, Designs, Codes and Cryptography.

[9]  Jens Groth,et al.  Optimal Structure-Preserving Signatures in Asymmetric Bilinear Groups , 2011, CRYPTO.

[10]  Mihir Bellare,et al.  Key-Privacy in Public-Key Encryption , 2001, ASIACRYPT.

[11]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[12]  Mark Ryan,et al.  Balancing Societal Security and Individual Privacy: Accountable Escrow System , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[13]  Georg Fuchsbauer,et al.  Transferable Constant-Size Fair E-Cash , 2009, IACR Cryptol. ePrint Arch..

[14]  Masayuki Abe,et al.  Signing on Elements in Bilinear Groups for Modular Protocol Design , 2010, IACR Cryptol. ePrint Arch..

[15]  Georg Fuchsbauer,et al.  Fair Blind Signatures without Random Oracles , 2010, AFRICACRYPT.

[16]  Ryo Nishimaki,et al.  Constant-Size Structure-Preserving Signatures: Generic Constructions and Simple Assumptions , 2012, Journal of Cryptology.

[17]  Matthew Green,et al.  Secure Blind Decryption , 2011, IACR Cryptol. ePrint Arch..

[18]  Ryo Nishimaki,et al.  Tagged One-Time Signatures: Tight Security and Optimal Tag Size , 2013, Public Key Cryptography.

[19]  Jan Camenisch,et al.  A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks , 2009, IACR Cryptol. ePrint Arch..

[20]  Holger Vogt,et al.  Offline Payments with Auditable Tracing , 2002, Financial Cryptography.