Attribute-based signatures. (English) Zbl 1284.94093
Kiayias, Aggelos (ed.), Topics in cryptology – CT-RSA 2011. The cryptographers’ track at the RSA conference 2011, San Francisco, CA, USA, February 14–18, 2011. Proceedings. Berlin: Springer (ISBN 978-3-642-19073-5/pbk). Lecture Notes in Computer Science 6558, 376-392 (2011).
Summary: We introduce Attribute-Based Signatures (ABS), a versatile primitive that allows a party to sign a message with fine-grained control over identifying information. In ABS, a signer, who possesses a set of attributes from the authority, can sign a message with a predicate that is satisfied by his attributes. The signature reveals no more than the fact that a single user with some set of attributes satisfying the predicate has attested to the message. In particular, the signature hides the attributes used to satisfy the predicate and any identifying information about the signer (that could link multiple signatures as being from the same signer). Furthermore, users cannot collude to pool their attributes together.
We give a general framework for constructing ABS schemes, and then show several practical instantiations based on groups with bilinear pairing operations, under standard assumptions. Further, we give a construction which is secure even against a malicious attribute authority, but the security for this scheme is proven in the generic group model. We describe several practical problems that motivated this work, and how ABS can be used to solve them. Also, we show how our techniques allow us to extend Groth-Sahai NIZK proofs to be simulation-extractable and identity-based with low overhead.
For the entire collection see [Zbl 1206.94004].
We give a general framework for constructing ABS schemes, and then show several practical instantiations based on groups with bilinear pairing operations, under standard assumptions. Further, we give a construction which is secure even against a malicious attribute authority, but the security for this scheme is proven in the generic group model. We describe several practical problems that motivated this work, and how ABS can be used to solve them. Also, we show how our techniques allow us to extend Groth-Sahai NIZK proofs to be simulation-extractable and identity-based with low overhead.
For the entire collection see [Zbl 1206.94004].
MSC:
| 94A60 | Cryptography |
References:
| [1] | Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003) · Zbl 1038.94552 · doi:10.1007/3-540-39200-9_38 |
| [2] | Bellare, M., Namprempre, C., Neven, G.: Security proofs for identity-based identification and signature schemes. Journal of Cryptology 22(1), 1–61 (2009); Preliminary version appeared in Eurocrypt 2004 · Zbl 1166.94008 · doi:10.1007/s00145-008-9028-8 |
| [3] | Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334 (2007) · doi:10.1109/SP.2007.11 |
| [4] | Bobba, R., Fatemieh, O., Khan, F., Gunter, C.A., Khurana, H.: Using attribute-based access control to enable attribute-based messaging. In: ACSAC, pp. 403–413. IEEE Computer Society, Los Alamitos (2006) |
| [5] | Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 443–459. Springer, Heidelberg (2004) · Zbl 1104.94019 · doi:10.1007/978-3-540-28628-8_27 |
| [6] | Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004) · Zbl 1122.94354 · doi:10.1007/978-3-540-24676-3_4 |
| [7] | Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004) · Zbl 1104.94044 · doi:10.1007/978-3-540-28628-8_3 |
| [8] | Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003) · Zbl 1046.94008 · doi:10.1137/S0097539701398521 |
| [9] | Boyen, X.: Mesh signatures. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 210–227. Springer, Heidelberg (2007) · Zbl 1141.94342 · doi:10.1007/978-3-540-72540-4_12 |
| [10] | Boyen, X., Waters, B.: Compact group signatures without random oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 427–444. Springer, Heidelberg (2006) · Zbl 1140.94327 · doi:10.1007/11761679_26 |
| [11] | Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007) · Zbl 1156.94339 · doi:10.1007/978-3-540-70936-7_28 |
| [12] | Chase, M., Chow, S.S.M.: Improving privacy and security in multi-authority attribute-based encryption. In: Al-Shaer, E., Jha, S., Keromytis, A.D. (eds.) ACM Conference on Computer and Communications Security, pp. 121–130. ACM, New York (2009) |
| [13] | Chaum, D.: Security without identification: Transaction systems to make big brother obsolete. ACM Commun. 28(10), 1030–1044 (1985) · doi:10.1145/4372.4373 |
| [14] | Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991) · Zbl 0791.68044 · doi:10.1007/3-540-46416-6_22 |
| [15] | Frikken, K.B., Li, J., Atallah, M.J.: Trust negotiation with hidden credentials, hidden policies, and policy cycles. In: NDSS. The Internet Society, San Diego (2006) |
| [16] | Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Juels, A., Wright, R.N., di Vimercati, S.D.C. (eds.) ACM Conference on Computer and Communications Security, pp. 89–98. ACM, New York (2006) |
| [17] | Groth, J.: Simulation-sound NIZK proofs for a practical language and constant size group signatures. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 444–459. Springer, Heidelberg (2006) · Zbl 1172.94615 · doi:10.1007/11935230_29 |
| [18] | Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008) · Zbl 1149.94320 · doi:10.1007/978-3-540-78967-3_24 |
| [19] | Guo, S., Zeng, Y.: Attribute-based signature scheme. In: International Conference on Information Security and Assurance, pp. 509–511. IEEE, Los Alamitos (2008) |
| [20] | Katz, J., Ostrovsky, R., Rabin, M.O.: Identity-based zero-knowledge. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 180–192. Springer, Heidelberg (2005) · Zbl 1116.94323 · doi:10.1007/978-3-540-30598-9_13 |
| [21] | Khader, D.: Attribute based group signature with revocation. Cryptology ePrint Archive, Report 2007/241 (2007), http://eprint.iacr.org/2007/241 |
| [22] | Khader, D.: Attribute based group signatures. Cryptology ePrint Archive, Report 2007/159 (2007), http://eprint.iacr.org/2007/159 |
| [23] | Li, J., Au, M.H., Susilo, W., Xie, D., Ren, K.: Attribute-based signature and its applications. In: Feng, D., Basin, D.A., Liu, P. (eds.) ASIACCS, pp. 60–69. ACM, New York (2010) |
| [24] | Li, J., Kim, K.: Attribute-based ring signatures. Cryptology ePrint Archive, Report 2008/394 (2008), http://eprint.iacr.org/2008/394 |
| [25] | Li, N., Du, W., Boneh, D.: Oblivious signature-based envelope. Distributed Computing 17(4), 293–302 (2005) · Zbl 1264.94101 · doi:10.1007/s00446-004-0116-1 |
| [26] | Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001) · Zbl 1064.94558 · doi:10.1007/3-540-45682-1_32 |
| [27] | Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005) · Zbl 1137.94355 · doi:10.1007/11426639_27 |
| [28] | Shahandashti, S.F., Safavi-Naini, R.: Threshold attribute-based signatures and their application to anonymous credential systems. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 198–216. Springer, Heidelberg (2009) · Zbl 1246.94048 · doi:10.1007/978-3-642-02384-2_13 |
| [29] | Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985) · Zbl 1359.94626 · doi:10.1007/3-540-39568-7_5 |
| [30] | Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005) · Zbl 1137.94360 · doi:10.1007/11426639_7 |
| [31] | Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. Cryptology ePrint Archive, Report 2008/290 (2008), http://eprint.iacr.org/2008/290 |
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.
