Ad Hoc Group Signatures

The main advantage of ring signatures is to ensure anonymity in ad hoc groups. However, since a group manager is not present in ad hoc groups, there is no existing way to identify the signer who is responsible for or benefit from a disputed ring signature. In this paper, we address this issue by formalizing the notion of ad hoc group signature. This new notion bridges the gap between the ring signature and group signature schemes. It enjoys the same advantage of ring signatures to provide anonymity whilst not requiring any group manager. Furthermore, it allows a member in an ad hoc group to provably claim that it has (not) issued the anonymous signature on behalf of the group. We propose the first construction of ad hoc group signatures that is provably secure in the random oracle model under the Strong RSA assumption. Our proposal is very simple and additionally, it produces a constant size signature length and requires constant modular exponentiations. This is to ensure that our scheme is very practical for ad hoc applications where a centralized group manager is not present.

[1]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[2]  Giuseppe Ateniese,et al.  Efficient Group Signatures without Trapdoors , 2003, ASIACRYPT.

[3]  Jan Camenisch,et al.  Efficient Blind Signatures Without Random Oracles , 2004, SCN.

[4]  Xiaofeng Chen,et al.  Shared-Key Signature and Its Application to Anonymous Authentication in Ad Hoc Group , 2004, ISC.

[5]  Jan Camenisch,et al.  Efficient and Generalized Group Signatures , 1997, EUROCRYPT.

[6]  David Pointcheval Topics in Cryptology - CT-RSA 2006, The Cryptographers' Track at the RSA Conference 2006, San Jose, CA, USA, February 13-17, 2006, Proceedings , 2006, CT-RSA.

[7]  Jongin Lim,et al.  Information Security and Cryptology - ICISC 2003 , 2003, Lecture Notes in Computer Science.

[8]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[9]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[10]  Mark Manulis,et al.  Democratic group signatures: on an example of joint ventures , 2006, ASIACCS '06.

[11]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[12]  Tor Helleseth,et al.  Advances in Cryptology — EUROCRYPT ’93 , 2001, Lecture Notes in Computer Science.

[13]  Stuart G. Stubblebine,et al.  Publicly Verifiable Lotteries: Applications of Delaying Functions , 1998, Financial Cryptography.

[14]  Jan Camenisch,et al.  A Group Signature Scheme with Improved Efficiency , 1998, ASIACRYPT.

[15]  Aggelos Kiayias,et al.  Anonymous Identification in Ad Hoc Groups , 2004, EUROCRYPT.

[16]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[17]  Kazuo Ohta,et al.  Advances in Cryptology — ASIACRYPT’98 , 2002, Lecture Notes in Computer Science.

[18]  Yuichi Komano,et al.  Toward the Fair Anonymous Signatures: Deniable Ring Signatures , 2006, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[19]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[20]  Serge Vaudenay,et al.  Advances in Cryptology - EUROCRYPT 2006 , 2006, Lecture Notes in Computer Science.

[21]  Josh Benaloh,et al.  One-Way Accumulators: A Decentralized Alternative to Digital Sinatures (Extended Abstract) , 1994, EUROCRYPT.

[22]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[23]  Brent Waters,et al.  Compact Group Signatures Without Random Oracles , 2006, EUROCRYPT.

[24]  Jan Camenisch,et al.  Practical Group Signatures without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[25]  Tatsuaki Okamoto,et al.  New Public-Key Schemes Based on Elliptic Curves over the Ring Zn , 1991, CRYPTO.

[26]  Walter Fumy,et al.  Advances in Cryptology — EUROCRYPT ’97 , 2001, Lecture Notes in Computer Science.

[27]  Birgit Pfitzmann,et al.  Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees , 1997, EUROCRYPT.

[28]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[29]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[30]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[31]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[32]  Joseph K. Liu,et al.  Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups (Extended Abstract) , 2004, ACISP.

[33]  Ting Wang,et al.  MetaData Pro: Ontology-Based Metadata Processing for Web Resources , 2004, WISE Workshops.

[34]  Shouhuai Xu,et al.  Accumulating Composites and Improved Group Signing , 2003, ASIACRYPT.

[35]  Chi Sung Laih,et al.  Advances in Cryptology - ASIACRYPT 2003 , 2003 .

[36]  J. Camenisch,et al.  A Group Signature Scheme Based on an RSA-Variant , 1998 .

[37]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[38]  Joseph K. Liu,et al.  On the RS-Code Construction of Ring Signature Schemes and a Threshold Setting of RST , 2003, ICICS.

[39]  Yiannis Tsiounis,et al.  Easy Come - Easy Go Divisible Cash , 1998, EUROCRYPT.