Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
One-way accumulators: a decentralized alternative to digital signatures
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Practical forward secure group signature schemes
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Revocation and Tracing Schemes for Stateless Receivers
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
The LSD Broadcast Encryption Scheme
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Toward Hierarchical Identity-Based Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Short Signatures from the Weil Pairing
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Hierarchical ID-Based Cryptography
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Revocation in Group Signatures
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Proceedings of the 11th ACM conference on Computer and communications security
Group signatures with verifier-local revocation
Proceedings of the 11th ACM conference on Computer and communications security
Blacklistable anonymous credentials: blocking misbehaving users without ttps
Proceedings of the 14th ACM conference on Computer and communications security
Secure scalable group signature with dynamic joins and separable authorities
International Journal of Security and Networks
PEREA: towards practical TTP-free revocation in anonymous authentication
Proceedings of the 15th ACM conference on Computer and communications security
Efficient Protocols for Set Membership and Range Proofs
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Revocable Group Signature Schemes with Constant Costs for Signing and Verifying
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
An Accumulator Based on Bilinear Maps and Efficient Revocation for Anonymous Credentials
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Group Signatures with Verifier-Local Revocation and Backward Unlinkability in the Standard Model
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Group Encryption: Non-interactive Realization in the Standard Model
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Full-domain subgroup hiding and constant-size group signatures
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Quasi-efficient revocation of group signatures
FC'02 Proceedings of the 6th international conference on Financial cryptography
A forward-secure public-key encryption scheme
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Fully anonymous group signatures without random oracles
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Structure-preserving signatures and commitments to group elements
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Solving revocation with efficient update of anonymous credentials
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Oblivious transfer with hidden access control policies
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Revocation for delegatable anonymous credentials
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Optimal structure-preserving signatures in asymmetric bilinear groups
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Simulation-sound NIZK proofs for a practical language and constant size group signatures
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Dynamic fully anonymous short group signatures
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Verifier-Local revocation group signature schemes with backward unlinkability from bilinear maps
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Foundations of group signatures: the case of dynamic groups
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Accumulators from bilinear pairings and applications
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Group signatures with efficient concurrent join
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Hierarchical identity based encryption with constant size ciphertext
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
k-times anonymous authentication with a constant proving cost
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Compact group signatures without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Shorter verifier-local revocation group signatures from bilinear maps
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Chosen-Ciphertext security from tag-based encryption
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Group signature with constant revocation costs for signers and verifiers
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Generalized key delegation for hierarchical identity-based encryption
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Constant-Size structure-preserving signatures: generic constructions and simple assumptions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Efficient proofs for CNF formulas on attributes in pairing-based anonymous credential system
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Hi-index | 0.00 |
Group signatures are a central cryptographic primitive, simultaneously supporting accountability and anonymity. They allow users to anonymously sign messages on behalf of a group they are members of. The recent years saw the appearance of several constructions with security proofs in the standard model (i.e., without appealing to the random oracle heuristic). For a digital signature scheme to be adopted, an efficient revocation scheme (as in regular PKI) is absolutely necessary. Despite over a decade of extensive research, membership revocation remains a non-trivial problem in group signatures: all existing solutions are not truly scalable due to either high overhead (e.g., large group public key size), or limiting operational requirement (the need for all users to follow the system's entire history). In the standard model, the situation is even worse as many existing solutions are not readily adaptable. To fill this gap and tackle this challenge, we describe a new revocation approach based, perhaps somewhat unexpectedly, on the Naor-Naor-Lotspiech framework which was introduced for a different problem (namely, that of broadcast encryption). Our mechanism yields efficient and scalable revocable group signatures in the standard model. In particular, the size of signatures and the verification cost are independent of the number of revocations and the maximal cardinality N of the group while other complexities are at most polylogarithmic in N. Moreover, the schemes are history-independent: unrevoked group members do not have to update their keys when a revocation occurs.