Abstract
This paper describes two attacks on an anonymous group identification scheme proposed by Handley at Financial Crypto 2000. The first attack makes it possible to forge valid proofs of membership for any secret key. As a consequence, any user, registered or not, can be properly authenticated by the group manager. The second attack enables the authority to recover the identity of any user who authenticates. Both attacks are easy to carry out in practice and require no heavy computation. They can be fixed with simple modifications and additions to the protocol, but we think that the technique used to issue certificates is conceptually flawed, and we propose a way to repair this phase of the protocol using zero-knowledge proof techniques.
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jaulmes, É., Poupard, G. (2002). On the Security of Homage Group Authentication Protocol. In: Syverson, P. (eds) Financial Cryptography. FC 2001. Lecture Notes in Computer Science, vol 2339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46088-8_11
DOI: https://doi.org/10.1007/3-540-46088-8_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44079-6
Online ISBN: 978-3-540-46088-6
eBook Packages: Springer Book Archive