CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Secret Handshakes from Pairing-Based Key Agreements
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
k-anonymous secret handshakes with reusable credentials
Proceedings of the 11th ACM conference on Computer and communications security
Construction of Threshold Public-Key Encryptions through Tag-Based Encryptions
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Secret handshakes with revocation support
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
A new revocable secret handshake scheme with backward unlinkability
EuroPKI'10 Proceedings of the 7th European conference on Public key infrastructures, services and applications
An efficient group signature scheme from bilinear maps
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Chosen ciphertext secure public key threshold encryption without random oracles
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A flexible framework for secret handshakes
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Authentication for paranoids: multi-party secret handshakes
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Group secret handshakes or affiliation-hiding authenticated group key agreement
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Generic construction of chosen ciphertext secure proxy re-encryption
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Secret handshake scheme with request-based-revealing
EuroPKI'11 Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications
| Hi-index | 0.09 |
Secret handshake (SH) schemes enable two members who belong to the same group to authenticate each other in a way that hides their affiliation to that group from all others. In previous work on SH, the group authority (GA) of the group G has been shown to have the ability to reveal the identity (ID) of a handshake player who belongs to G. The capability to reveal a malicious player is important in SH systems. In this paper, we focus first on the classification of traceability of GA. We classify this feature as follows: (i) GA of G is able to reveal IDs of members belonging to G by using a transcript of a handshake protocol; and (ii) GA of G is able to confirm whether handshake players belong to G or not by using a transcript of a handshake protocol. Previous research in this field only considers the former capability. In some situations, only the latter capability is needed. Next, we consider a SH system that GA has only an ability to confirm whether a handshake player belongs to his own group without revealing his ID. The most naive method is that member IDs are eliminated and members have a common group ID. However, if member ID does not exist, one cannot reveal the handshake player's ID in the event of disputes. Thus, we introduce a SH with request-based-revealing (SHRBR). In SHRBR schemes, GA can check whether handshake players belong to their own group, but cannot reveal member IDs alone. After a handshake player A executes a handshake protocol with B, if A wants to reveal a handshake partner (in this case B), A requests GA to reveal a handshake partner's ID by bringing forth his own ID and secret information of A. We define the security requirements for SHRBR schemes and propose two concrete SHRBR schemes, SHRBR-1 and SHRBR-2. We prove that the proposed SHRBR schemes satisfy security requirements in the random oracle model.