An Exploration of Group and Ring Signatures

Group signatures are a modern cryptographic primitive that allow a member of a specic group (e.g., \the White House sta" or \employees of Corporation X that publish press releases") to sign messages on behalf of the group as a whole; i.e., without revealing their individual identities and thus providing them with a certain degree of anonymity and privacy. They have quite a number of potential applications (and in fact have been incorporated into the latest version of the Trusted Platform Module, or TPM), and are still an active area of research. In this work, we explore group signatures and the many variations that have been considered since their original

[1]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[2]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[3]  Ivan Damgård,et al.  Efficient Concurrent Zero-Knowledge in the Auxiliary String Model , 2000, EUROCRYPT.

[4]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[5]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[6]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[7]  Hovav Shacham,et al.  Efficient Ring Signatures Without Random Oracles , 2007, Public Key Cryptography.

[8]  Alptekin Küpçü,et al.  Incentivizing outsourced computation , 2008, NetEcon '08.

[9]  Nobuo Funabiki,et al.  Verifier-Local Revocation Group Signature Schemes with Backward Unlinkability from Bilinear Maps , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10]  Brent Waters,et al.  Compact Group Signatures Without Random Oracles , 2006, EUROCRYPT.

[11]  Jens Groth,et al.  Simulation-Sound NIZK Proofs for a Practical Language and Constant Size Group Signatures , 2006, ASIACRYPT.

[12]  Gene Tsudik,et al.  Some Open Issues and New Directions in Group Signatures , 1999, Financial Cryptography.

[13]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[14]  Aggelos Kiayias,et al.  Efficient Secure Group Signatures with Dynamic Joins and Keeping Anonymity Against Group Managers , 2005, Mycrypt.

[15]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[16]  Rafail Ostrovsky,et al.  Perfect Non-Interactive Zero Knowledge for NP , 2006, IACR Cryptol. ePrint Arch..

[17]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[18]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[19]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[20]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[21]  Ran Canetti,et al.  Resettable Zero-Knowledge , 1999, IACR Cryptol. ePrint Arch..

[22]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[23]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[24]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[25]  Silvio Micali,et al.  On-line/off-line digital signatures , 1996, Journal of Cryptology.

[26]  Adi Shamir,et al.  Multiple non-interactive zero knowledge proofs based on a single random string , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[27]  Dawn Xiaodong Song,et al.  Quasi-Efficient Revocation in Group Signatures , 2002, Financial Cryptography.

[28]  Richard E. Overill,et al.  Foundations of Cryptography: Basic Tools , 2002, J. Log. Comput..

[29]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[30]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[31]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[32]  Hovav Shacham,et al.  Sequential Aggregate Signatures from Trapdoor Permutations , 2004, EUROCRYPT.

[33]  S. Micali,et al.  Noninteractive Zero-Knowledge , 1990, SIAM J. Comput..

[34]  Hovav Shacham,et al.  Delegatable Anonymous Credentials , 2008, IACR Cryptology ePrint Archive.

[35]  Sherman S. M. Chow Real Traceable Signatures , 2009, Selected Areas in Cryptography.

[36]  Aggelos Kiayias,et al.  Anonymous Identification in Ad Hoc Groups , 2004, EUROCRYPT.

[37]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[38]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[39]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[40]  Moni Naor,et al.  Zaps and their applications , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[41]  Jan Camenisch,et al.  How to win the clonewars: efficient periodic n-times anonymous authentication , 2006, CCS '06.

[42]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[43]  Masayuki Abe,et al.  1-out-of-n Signatures from a Variety of Keys , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[44]  Abhi Shelat,et al.  Fair-Zero Knowledge , 2005, TCC.

[45]  Edward J. Schwartz,et al.  Contractual Anonymity , 2010, NDSS.

[46]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[47]  Shouhuai Xu,et al.  Leak-free group signatures with immediate revocation , 2004, 24th International Conference on Distributed Computing Systems, 2004. Proceedings..

[48]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[49]  Xavier Boyen,et al.  Mesh Signatures : How to Leak a Secret with Unwitting and Unwilling Participants , 2007, IACR Cryptol. ePrint Arch..

[50]  Jonathan Katz,et al.  A Group Signature Scheme from Lattice Assumptions , 2010, IACR Cryptol. ePrint Arch..

[51]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[52]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[53]  Aggelos Kiayias,et al.  Group Signatures with Efficient Concurrent Join , 2005, EUROCRYPT.

[54]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[55]  Mihir Bellare,et al.  A Forward-Secure Digital Signature Scheme , 1999, CRYPTO.

[56]  Eike Kiltz,et al.  Secure Hybrid Encryption from Weakened Key Encapsulation , 2007, CRYPTO.

[57]  Jan Camenisch,et al.  Practical Group Signatures without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[58]  Birgit Pfitzmann,et al.  Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees , 1997, EUROCRYPT.

[59]  Germán Sáez,et al.  Forking Lemmas for Ring Signature Schemes , 2003, INDOCRYPT.

[60]  Anna Lysyanskaya,et al.  Unique Signatures and Verifiable Random Functions from the DH-DDH Separation , 2002, CRYPTO.

[61]  Brent Waters,et al.  Full-Domain Subgroup Hiding and Constant-Size Group Signatures , 2007, Public Key Cryptography.

[62]  Mihir Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2005, Journal of Cryptology.

[63]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[64]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[65]  John Rompel,et al.  One-way functions are necessary and sufficient for secure signatures , 1990, STOC '90.

[66]  Ernest F. Brickell,et al.  Direct anonymous attestation , 2004, CCS '04.

[67]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[68]  Mihir Bellare,et al.  Foundations of Group Signatures: The Case of Dynamic Groups , 2005, CT-RSA.

[69]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[70]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[71]  Ralph C. Merkle,et al.  Secure communications over insecure channels , 1978, CACM.

[72]  Alexandra Boldyreva,et al.  Threshold Signatures, Multisignatures and Blind Signatures Based on the Gap-Diffie-Hellman-Group Signature Scheme , 2003, Public Key Cryptography.

[73]  Ivan Damgård,et al.  Verifiable Encryption, Group Encryption, and Their Applications to Separable Group Signatures and Signature Sharing Schemes , 2000, ASIACRYPT.

[74]  Gerrit Bleumer,et al.  Undeniable Signatures , 2005, Encyclopedia of Cryptography and Security.

[75]  Jonathan Katz,et al.  Ring Signatures: Stronger Definitions, and Constructions without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[76]  Amit Sahai,et al.  Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[77]  Jan Camenisch,et al.  A Signature Scheme with Efficient Protocols , 2002, SCN.

[78]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[79]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[80]  Jens Groth,et al.  Non-interactive Zero-Knowledge Arguments for Voting , 2005, ACNS.

[81]  Valtteri Niemi,et al.  Secure Vickrey Auctions without Threshold Trust , 2002, Financial Cryptography.

[82]  Amit Sahai,et al.  Ring Signatures of Sub-linear Size Without Random Oracles , 2007, ICALP.

[83]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[84]  Yehuda Lindell,et al.  Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series) , 2007 .

[85]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[86]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .