Stronger Security Notions for Decentralized Traceable Attribute-Based Signatures and More Efficient Constructions

Ghadafi, Essam

doi:10.1007/978-3-319-16715-2_21

Cited by 23 publications

(26 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Additionally, many new anonymous signature schemes were also proposed, where the group signature [27][28][29][30][31], ring signature [32][33][34] and attribute-based signature [35][36][37] all belong to anonymous signatures. Libert et al [28] proposed an effective group signature.…”

Section: Related Workmentioning

confidence: 99%

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Zhang

Lim

et al. 2020

Sensors

View full text Add to dashboard Cite

The development of the Internet of Things (IoT) plays a very important role for processing data at the edge of a network. Therefore, it is very important to protect the privacy of IoT devices when these devices process and transfer data. A mesh signature (MS) is a useful cryptographic tool, which makes a signer sign any message anonymously. As a result, the signer can hide his specific identity information to the mesh signature, namely his identifying information (such as personal public key) may be hidden to a list of tuples that consist of public key and message. Therefore, we propose an improved mesh signature scheme for IoT devices in this paper. The IoT devices seen as the signers may sign their publishing data through our proposed mesh signature scheme, and their specific identities can be hidden to a list of possible signers. Additionally, mesh signature consists of some atomic signatures, where the atomic signatures can be reusable. Therefore, for a large amount of data published by the IoT devices, the atomic signatures on the same data can be reusable so as to decrease the number of signatures generated by the IoT devices in our proposed scheme. Compared with the original mesh signature scheme, the proposed scheme has less computational costs on generating final mesh signature and signature verification. Since atomic signatures are reusable, the proposed scheme has more advantages on generating final mesh signature by reconstructing atomic signatures. Furthermore, according to our experiment, when the proposed scheme generates a mesh signature on 10 MB message, the memory consumption is only about 200 KB. Therefore, it is feasible that the proposed scheme is used to protect the identity privacy of IoT devices.

show abstract

Section: Related Workmentioning

confidence: 99%

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Zhang

Lim

et al. 2020

Sensors

View full text Add to dashboard Cite

show abstract

“…However, all the existing tracing schemes are implemented by the single entity like AAA server or the group manager under the assumption that the entity is completely trusted and cannot be corrupted, they did not take non-frameability into consideration. Unfortunately, these tracing schemes based on the single entity may face some problems: (1) the single entity is vulnerable to the single point of failure, (2) the single entity fully has the privilege of tracing the users, so power centralization may lead to the privilege abused and an innocent user may be framed by the abusive entity, (3) the assumption that the single entity is totally trusted and cannot be corrupted is too strong to implement in practical scenarios, if the single entity is corrupted by attackers, the anonymous users will be revealed maliciously [9]. Obviously, it is necessary to take non-frameability into consideration to protect users' privacy.…”

Section: Introductionmentioning

confidence: 99%

Nframe: A privacy-preserving with non-frameability handover authentication protocol based on (t, n) secret sharing for LTE/LTE-A networks

Qin

Wang

et al. 2016

Wireless Netw

View full text Add to dashboard Cite

Seamless handover between the evolved universal terrestrial radio access network and other access networks is highly desirable to mobile equipments in the long term evolution (LTE) or LTE-Advanced (LTE-A) networks, but ensuring security and efficiency of this process is challenging. In this paper, we propose a novel privacy-preserving with non-frameability handover authentication protocol based on (t, n) secret sharing to fit in with all of the mobility scenarios in the LTE/LTE-A networks, which is called Nframe. To the best of our knowledge, Nframe is the first to support protecting users' privacy with non-frameability in the handover process. Moreover, Nframe uses pairing-free identity based cryptographic method to secure handover process and to achieve high efficiency. The formal verification by the AVISPA tool shows that Nframe is secure against various malicious attacks and the simulation result indicates that it outperforms the existing schemes in terms of computation and communication cost.

show abstract

“…Informally, a user is anonymous if an ABS signature does not leak their identity, nor the set of attributes used to satisfy the signing policy, while unforgeability requires that a signer cannot produce a signature conforming to a policy for which he does not own a set of suitable attributes. Later constructions [16,14,20] offered more advanced functionality with an additional property of traceability which holds signers accountable by allowing a dedicated tracing authority to identity them if required.…”

Section: Introductionmentioning

confidence: 99%

“…The vast majority of existing ABS schemes [16,33,32,5,14,20,13,35]are noninteractive, in the standard model and is based on bilinear maps and Groth-Sahai proofs [21], with the exception of [23], which uses RSA setting and the random oracle model, and the recent schemes in [15,38] which rely on lattices. Interactive ABS schemes, e.g.…”

Section: Introductionmentioning

confidence: 99%

“…[27], where policies must be chosen by verifiers ahead of the signing phase have also been proposed. In general, signing polices can have varying levels of flexibility and range from threshold policies [30], to monotone boolean predicates [14,20], and generalised circuits [35]. Typically, more restrictive policies allow for more efficient constructions.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Hierarchical Attribute-Based Signatures: Short Keys and Optimal Signature Length

Gardham

Manulis

2019

Applied Cryptography and Network Security

View full text Add to dashboard Cite

With Attribute-based Signatures (ABS) users can simultaneously sign messages and prove compliance of their attributes, issued by designated attribute authorities, with some verification policy. Neither signer's identity nor possessed attributes are leaked during the verification process, making ABS schemes a handy tool for applications requiring privacy-preserving authentication. Earlier ABS schemes lacked support for hierarchical delegation of attributes (across tiers of attribute authorities down to the signers), a distinct property that has made traditional PKIs more scalable and widely adoptable. This changed recently with the introduction of Hierarchical ABS (HABS) schemes, where support for attribute delegation was proposed in combination with stronger privacy guarantees for the delegation paths (path anonymity) and new accountability mechanisms allowing a dedicated tracing authority to identify these paths (path traceability) and the signer, along with delegated attributes, if needed. Yet, current HABS construction is generic with inefficient delegation process resulting in sub-optimal signature lengths of order O(k 2 |Ψ |) where Ψ is the policy size and k the height of the hierarchy. This paper proposes a direct HABS construction in bilinear groups that significantly improves on these bounds and satisfies the original security and privacy requirements. At the core of our HABS scheme is a new delegation process based on the length-reducing homomorphic trapdoor commitments to group elements for which we introduce a new delegation technique allowing step-wise commitments to additional elements without changing the length of the original commitment and its opening. While also being of independent interest, this technique results in shorter HABS keys and achieves the signature-length growth of O(k|Ψ |) which is optimal due to the path-traceability requirement.

show abstract

Stronger Security Notions for Decentralized Traceable Attribute-Based Signatures and More Efficient Constructions

Cited by 23 publications

References 33 publications

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Nframe: A privacy-preserving with non-frameability handover authentication protocol based on (t, n) secret sharing for LTE/LTE-A networks

Hierarchical Attribute-Based Signatures: Short Keys and Optimal Signature Length

Contact Info

Product

Resources

About