A novel ID-based group signature
Information Sciences—Informatics and Computer Science: An International Journal
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Threshold Cryptosystems Secure against Chosen-Ciphertext Attacks
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Group signatures with verifier-local revocation
Proceedings of the 11th ACM conference on Computer and communications security
Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups
Journal of Cryptology
Expressive Subgroup Signatures
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Discrete Applied Mathematics
Efficient attributes for anonymous credentials
Proceedings of the 15th ACM conference on Computer and communications security
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Efficient and generalized group signatures
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Full-domain subgroup hiding and constant-size group signatures
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Quasi-efficient revocation of group signatures
FC'02 Proceedings of the 6th international conference on Financial cryptography
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Fully anonymous group signatures without random oracles
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Get shorty via group signatures without encryption
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Simulation-sound NIZK proofs for a practical language and constant size group signatures
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Dynamic fully anonymous short group signatures
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Group signatures: better efficiency and new theoretical aspects
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Foundations of group signatures: the case of dynamic groups
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Group signatures with efficient concurrent join
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Compact group signatures without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Fair blind signatures revisited
Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography
Hi-index | 0.07 |
In this paper we present a novel group signature scheme for dynamic membership which enables fine-grained control over the release of user information. This scheme could be widely used for various anonymity-based applications such as privacy-preserving data mining and customized anonymous authentication owing to a useful property called controllable linkability. A valid signer is able to create signatures that hide his or her identity as normal group signatures but can be anonymously linked regardless of changes to the membership status of the signer and without exposure of the history of the joining and revocation. From signatures, only linkage information can be disclosed, with a special linking key. Using this controllable linkability and the controllable anonymity of a group signature, anonymity may be flexibly or elaborately controlled according to a desired level. To begin construction of our scheme, we first introduce the Decision Linear Combination (DLC) assumption in a so-called gap Diffie-Hellman group where the DDH problem is tractable but the CDH problem is hard, and we prove that this assumption can be guaranteed in generic bilinear groups. To identify security requirements more precisely, we formally present definitions of anonymity, traceability, non-frameabilty, and linkability. We then prove that our scheme achieves all these security properties in the random oracle model. Our scheme supporting controllable linkability yields a short signature that is only 33.3% longer than the best-known normal group signature. Furthermore, we show that our scheme is comparable to the group signature scheme in terms of the amount of computation for basic operations such as signing, verification, and the key update caused by revocation. Finally, using the linkability for dynamic membership, computation overhead in opening signer's identity can be significantly reduced or minimized.