Cryptology ePrint Archive: Report 2010/595

Attribute-Based Signatures

Hemanta K. Maji and Manoj Prabhakaran and Mike Rosulek

Abstract: We introduce {\em Attribute-Based Signatures (ABS)}, a versatile primitive that allows a party to sign a message with fine-grained control over identifying information. In ABS, a signer, who possesses a set of attributes from the authority, can sign a message with a predicate that is satisfied by his attributes. The signature reveals no more than the fact that a single user with some set of attributes satisfying the predicate has attested to the message. In particular, the signature hides the attributes used to satisfy the predicate and any identifying information about the signer (that could link multiple signatures as being from the same signer). Furthermore, users cannot collude to pool their attributes together.

We give a general framework for constructing ABS schemes, and then show several practical instantiations based on groups with bilinear pairing operations, under standard assumptions. Further, we give a construction which is secure even against a malicious attribute authority, but the security for this scheme is proven in the generic group model. We describe several practical problems that motivated this work, and how ABS can be used to solve them. Also, we show how our techniques allow us to extend Groth-Sahai NIZK proofs to be simulation-extractable and identity-based with low overhead.

Category / Keywords: public-key cryptography / signatures, attribute-based signatures

Publication Info: Full version of an extended abstract in CT-RSA 2011

Date: received 22 Nov 2010, last revised 22 Nov 2010

Contact author: mikero at cs umt edu

Available formats: PDF | BibTeX Citation

Version: 20101124:045114 (All versions of this report)

Discussion forum: Show discussion | Start new discussion