How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Generating hard instances of lattice problems (extended abstract)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Finding the closest lattice vector when it's unusually close
SODA '00 Proceedings of the eleventh annual ACM-SIAM symposium on Discrete algorithms
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Complexity of Lattice Problems
Complexity of Lattice Problems
SAC '99 Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography
Improved Online/Offline Signature Schemes
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Group signatures with verifier-local revocation
Proceedings of the 11th ACM conference on Computer and communications security
Worst-Case to Average-Case Reductions Based on Gaussian Measures
SIAM Journal on Computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Expressive Subgroup Signatures
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Chosen-Ciphertext Security via Correlated Products
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
On lattices, learning with errors, random linear codes, and cryptography
Journal of the ACM (JACM)
On Monotone Formula Composition of Perfect Zero-Knowledge Languages
SIAM Journal on Computing
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Quasi-efficient revocation of group signatures
FC'02 Proceedings of the 6th international conference on Financial cryptography
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Lattice-based identification schemes secure under active attacks
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Proceedings of the forty-second ACM symposium on Theory of computing
An efficient and parallel Gaussian sampler for lattices
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Get shorty via group signatures without encryption
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Dynamic fully anonymous short group signatures
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Foundations of group signatures: the case of dynamic groups
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Bonsai trees, or how to delegate a lattice basis
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Hi-index | 0.00 |
Anonymous authentication schemes such as group signatures and anonymous credentials are important privacy-protecting tools in electronic communications. The only currently known scheme based on assumptions that resist quantum attacks is the group signature scheme by Gordon et al. (ASIACRYPT 2010). We present a generalization of group signatures called anonymous attribute tokens where users are issued attribute-containing credentials that they can use to anonymously sign messages and generate tokens revealing only a subset of their attributes. We present two lattice-based constructions of this new primitive, one with and one without opening capabilities for the group manager. The latter construction directly yields as a special case the first lattice-based group signature scheme offering full anonymity (in the random oracle model), as opposed to the practically less relevant notion of chosen-plaintext anonymity offered by the scheme of Gordon et al. We also extend our scheme to protect users from framing attacks by the group manager, where the latter creates tokens or signatures in the name of honest users. Our constructions involve new lattice-based tools for aggregating signatures and verifiable CCA2-secure encryption.