Efficient Group Signatures without Trapdoors

Group signature schemes are fundamental cryptographictools that enable unlinkably anonymous authentication, in the same fashion that digital signatures provide the basis for strong authentication protocols. In this paper we present the first group signature scheme with constant-size parameters that does not require any group member, including group managers, to know trapdoor secrets. This novel type of group signature scheme allows public parameters to be shared among organizations. Such sharing represents a highly desirable simplification over existing schemes, which require each organization to maintain a separate cryptographic domain.

[1]  Yiannis Tsiounis,et al.  Easy Come - Easy Go Divisible Cash , 1998, EUROCRYPT.

[2]  Jan Camenisch,et al.  A Group Signature Scheme with Improved Efficiency , 1998, ASIACRYPT.

[3]  Ivan Damgård,et al.  Verifiable Encryption, Group Encryption, and Their Applications to Separable Group Signatures and Signature Sharing Schemes , 2000, ASIACRYPT.

[4]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[5]  Gene Tsudik,et al.  Some Open Issues and New Directions in Group Signatures , 1999, Financial Cryptography.

[6]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[7]  Amit Sahai,et al.  Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[8]  David Chaum,et al.  A Secure and Privacy-protecting Protocol for Transmitting Personal Information Between Organizations , 1986, CRYPTO.

[9]  Jan Camenisch,et al.  Efficient group signature schemes for large groups , 1997 .

[10]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[11]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[12]  Amit Sahai,et al.  Pseudonym Systems , 1999, Selected Areas in Cryptography.

[13]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[14]  Giuseppe Ateniese,et al.  Efficient verifiable encryption (and fair exchange) of digital signatures , 1999, CCS '99.

[15]  Ivan Damgård,et al.  Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals , 1988, CRYPTO.

[16]  Fabrice Boudot,et al.  Efficient Proofs that a Committed Number Lies in an Interval , 2000, EUROCRYPT.

[17]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[18]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[19]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[20]  Lidong Chen Access with Pseudonyms , 1995, Cryptography: Policy and Algorithms.

[21]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[22]  Markus Stadler,et al.  Publicly Verifiable Secret Sharing , 1996, EUROCRYPT.

[23]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[24]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[25]  Rainer A. Rueppel,et al.  Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem , 1994, EUROCRYPT.

[26]  Joe Kilian,et al.  Identity Escrow , 1998, CRYPTO.

[27]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[28]  Marc Joye,et al.  Efficient Generation of Prime Numbers , 2000, CHES.