Short Group Signatures via Structure-Preserving Signatures: Standard Model Security from Simple Assumptions

Benoît Libert 1 Thomas Peters 2, 3, 4, 5 Moti Yung 6, 7
1 ARIC - Arithmetic and Computing
Inria Grenoble - Rhône-Alpes, LIP - Laboratoire de l'Informatique du Parallélisme
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : Group signatures are a central cryptographic primitive which allows users to sign messages while hiding their identity within a crowd of group members. In the standard model (without the random oracle idealization), the most efficient constructions rely on the Groth-Sahai proof systems (Euro-crypt'08). The structure-preserving signatures of Abe et al. (Asiacrypt'12) make it possible to design group signatures based on well-established, constant-size number theoretic assumptions (a.k.a. " simple assumptions ") like the Symmetric eXternal Diffie-Hellman or Decision Linear assumptions. While much more efficient than group signatures built on general assumptions, these constructions incur a significant overhead w.r.t. constructions secure in the idealized random oracle model. Indeed, the best known solution based on simple assumptions requires 2.8 kB per signature for currently recommended parameters. Reducing this size and presenting techniques for shorter signatures are thus natural questions. In this paper, our first contribution is to significantly reduce this overhead. Namely, we obtain the first fully anonymous group signatures based on simple assumptions with signatures shorter than 2 kB at the 128-bit security level. In dynamic (resp. static) groups, our signature length drops to 1.8 kB (resp. 1 kB). This improvement is enabled by two technical tools. As a result of independent interest, we first construct a new structure-preserving signature based on simple assumptions which shortens the best previous scheme by 25%. Our second tool is a new method for attaining anonymity in the strongest sense using a new CCA2-secure encryption scheme which is simultaneously a Groth-Sahai commitment.
Type de document :
Communication dans un congrès
Advances in Cryptology - Crypto 2015, Aug 2015, Santa Barbara, United States. Springer, 9216, 2015, Advances in Cryptology - Crypto 2015. 〈https://www.iacr.org/conferences/crypto2015/〉. 〈10.1007/978-3-662-48000-7_15〉
Liste complète des métadonnées

Littérature citée [62 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01225353
Contributeur : Benoit Libert <>
Soumis le : vendredi 6 novembre 2015 - 10:33:16
Dernière modification le : vendredi 25 mai 2018 - 12:02:05
Document(s) archivé(s) le : lundi 8 février 2016 - 13:10:53

Fichier

short-gsis-full-version.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Benoît Libert, Thomas Peters, Moti Yung. Short Group Signatures via Structure-Preserving Signatures: Standard Model Security from Simple Assumptions. Advances in Cryptology - Crypto 2015, Aug 2015, Santa Barbara, United States. Springer, 9216, 2015, Advances in Cryptology - Crypto 2015. 〈https://www.iacr.org/conferences/crypto2015/〉. 〈10.1007/978-3-662-48000-7_15〉. 〈hal-01225353〉

Partager

Métriques

Consultations de la notice

477

Téléchargements de fichiers

186