Dan Boneh
Matt Franklin
ABSTRACT
We develop new schemes for anonymous authentication that support identity escrow. Our protocols also allow a prover to demonstrate membership in an arbitrary subset of users; key revocation is an important special case of this feature. Using the Fiat-Shamir heuristic, our interactive authentication protocols yield new constructions for non-interactive group signature schemes. We use the higher-residuosity assumption, which leads to greater efficiency and more natural security proofs than previous constructions. It also leads to an increased vulnerability to collusion attacks, although countermeasures are available.
- 1.S. Akl and P. Taylor, "Cryptographic solution to a problem of access control in a hierarchy" ACM ~rans. Comput. Sy~. (1983) 1, 239--248.]] Google Scholar
Digital Library
- 2.G. Ateniese and G. Tsudik, "Some open issues and new directions in group signatures", in proc. Financial Crypto '99, pp. 196-211.]] Google ScholarDigital Library
- 3.J. Benaloh, "Verifiable secret-ballot elections', Ph.D. Thesis, Yale University, 1987.]] Google ScholarDigital Library
- 4.B.. Blom, "An optimal class of symmetric key genera. tion systems", in proc. Eurocrypt '84, pp. 335-338.]] Google ScholarDigital Library
- 5.D. Boneh, M. Franklin, "Efficient generation of shared RSA keys", in proc. CI~YPTO '97, pp. 425-439.]] Google ScholarDigital Library
- 6.D. Boaeh and J. Shaw, "Collusion*secure fingerprinting for digital data", in proc. Crypto '95, pp. 452-465.]] Google ScholarDigital Library
- 7.E. Brickelt, P. Gemmell, D. Kro, vitz, "Trustee-based tracing extensions re anonymous cash and the making of anonymous change," in proc. ACM-SIAM Symposium on Discrete Algorithms (SODA), 1995, pp. 457- 466.]] Google ScholarDigital Library
- 8.J. Camenisch, "Efficient and generalized group signatures," in proc. Eurocrypt '97, pp. 465--479.]]Google Scholar
- 9.J. Camenisch,]]Google Scholar
- 10.J. Camenisch, M. Stadler, ~Efficient group signature schemes for large groups", in proc. CRYPTO '97, pp. 410-424.]] Google ScholarDigital Library
- 11.J D. Chaum and E. van Heyst, "Group signatures", in proc. Eurocrypt '91, pp. 257-265.]]Google Scholar
- 12.L. Chen and T. Pedersen, "New group signature schemes'~ in proc. Eurocrypt '94, pp. 171-181.]]Google Scholar
- 13.G. Chick, S. Tavares, "Flexible access control with master keys", in proc. CRYPTO '89, pp. 316-322.]] Google ScholarDigital Library
- 14.J. Cohen and M. Fisher, "A robust and verifiable cryptographically secure election scheme"~ in proc. IEEE Symposium on Foundations of Computer Science, 1985, 373-382.]]Google Scholar
- 15.1%. Cramer, I. Damg~rd, B. Schoenmakers, "Proofs of partial knowledge and simplified desiga of witness hiding protocols", in proc. Crypto '94, 174-187.]] Google ScholarDigital Library
- 16.A. De Santis, G. Di Crescenzo, G. Persiano, "Communication-ei~cient anonymous group identification~, in proc. 3rd ACM Conference on Computer and Communications Security, 1998~ pp. 73-82.]] Google ScholarDigital Library
- 17.A. De Santis, G. Di Cresceazo, G. Persiano, M. Yung, "On monotone formula closure of SZK', in proc. of IEEE Foundations of Computer Science~ 1994~ pp. 454-- 465.]]Google Scholar
- 18.U. Feige, A. Fiat, A. Shamir, "Zero-knowledge proofs of identity", J. Cr,jp~. vol. 1, 77-94, 1988.]] Google ScholarDigital Library
- 19.A. Fiat and M. Naor, "Broadcast encryption', in proc. Crypto '93, pp. 489-491.]] Google ScholarDigital Library
- 20.L. Guillou and J.-J. Qaisquater, "A practical zeroknowledge protocol fitted to security microprocessor minimizing both transmission and memory", in proc. Eurocrypt '88, pp. 123128.]] Google ScholarDigital Library
- 21.S. Goldwasser, S. Micali, C. Rackoff~ "The knowledge complexity of interactive proof systems", ST_AM J. of Computing, vo}. 18, pp. 186--208, 1989.]] Google ScholarDigital Library
- 22.J. Kilian, E. Petrank, "Identity escrow", in proc. CRYPTO '98~ pp. 169--185.]] Google ScholarDigital Library
- 23.C. Mitchell and F. Piper, "Key storage in secure networks, Discrete AppH6d Mathematics, vol. 21, pp. 215- 228~ 1988.]] Google ScholarDigital Library
- 24.H. Petersen, "How to convert any digital signature scheme into a group signature scheme", in proc. Security Protocols Workshop, Paris, 1997.]] Google ScholarDigital Library
- 25.C. Schnorr, "Efficient signature generation by smartcards", J. Cryptology, vol. 4, pp. 161-174, 1991.]]Google ScholarDigital Library
- 26.D. Stinson "On some methods for unconditionally secure key distribution and broadcast encrTption', De. signs, Codes and Cryptography, vol. 12, pp. 215-243, 1997.]] Google ScholarDigital Library
Index Terms
- Anonymous authentication with subset queries (extended abstract)
Recommendations
Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications SecurityAnonymous authentication allows one to authenticate herself without revealing her identity, and becomes an important technique for constructing privacy-preserving Internet connections. Anonymous password authentication is highly desirable as it enables ...
Traceable signature: better efficiency and beyond
ICCSA'06: Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part IIIIn recent years one of the most active research areas in applied cryptography is the study of techniques for creating a group signature, a cryptographic primitive that can be used to implement anonymous authentication. Some variants of group signature, ...
Certificate-free ad hoc anonymous authentication
There is an increasing demand of ad hoc anonymous authentication (AHAA) to secure communications between ad hoc group members while preserving privacy for the members. The main obstacles in AHAA is that it is difficult to deploy traditional public-key ...
Comments