In this paper we show how pairing-based group signature schemes (PB-GSSs) based on the sign-and-encrypt-and-prove (SEP) paradigm can be generically transformed in order to support one particular enhanced anonymity management mechanism, i.e., we propose a transformation that turns every such PB-GSS into a PB-GSS with controllable linkability. Basically, this transformation replaces the public key encryption scheme used for identity escrow within a group signature scheme with a modified all-or-nothing public key encryption with equality tests scheme (denoted AoN-PKEET$^*$) instantiated from the respective public key encryption scheme. Thereby, the respective trapdoor is given to the linking authority as a linking key. The appealing benefit of this approach in contrast to other anonymity management mechanisms (such as those provided by traceable signatures) is that controllable linkability can be added to PB-GSSs based on the SEP paradigm for free, i.e., it neither influences the signature size nor the computational costs for signers and verifiers in comparison to the scheme without this feature.
Category / Keywords: cryptographic protocols / Controllable linkability, generic transformation, pairing-based group signature schemes Original Publication (with major differences): ISC 2014 Date: received 7 Aug 2014 Contact author: raphael spreitzer at iaik tugraz at Available format(s): PDF | BibTeX Citation Note: An extended abstract of this paper appears in the proceedings of ISC 2014, this is the full version. Version: 20140813:194212 (All versions of this report) Short URL: ia.cr/2014/607 Discussion forum: Show discussion | Start new discussion