Cryptology ePrint Archive: Report 2016/483
Proofs of Knowledge on Monotone Predicates and its Application to Attribute-Based Identifications and Signatures
Hiroaki Anada and Seiko Arita and Kouichi Sakurai
Abstract: We propose a concrete procedure of a sigma-protocol proving knowledge that a set of witnesses satisfies a monotone predicate in witness-indistinguishable manner. Inspired by the high-level proposal by Cramer, Damgard and Schoenmakers at CRYPTO '94, we construct the concrete procedure by extending the so-called OR-proof. Next, using as a witness a signature-bundle of the Fiat-Shamir signatures, we provide an attribute-based identification scheme (ABID). Then, applying the Fiat-Shamir transform to our ABID, we obtain an attribute-based signature scheme (ABS). These generic schemes are constructed from a given sigma-protocol, and the latter scheme has a feature of linkable signatures. Applying the two-tier technique proposed at PKC 2007 by Bellare and Shoup to our ABID, we obtain an attribute-based two-tier signature scheme (ABTTS). The scheme has a feature to attain attribute-privacy paying expense of the secondary-key issuing. We provide two directions of instantiation. One is to use the Guillou-Quisquater and the Schnorr sigma-protocols, which produce ABID, ABS and ABTTS schemes with a loose security reduction in the random oracle model without pairing computation. The other is to use the Camenisch-Lysyanskaya sigma-protocols in the RSA setting and discrete-logarithm setting, which produce ABTTS schemes with a tighter security reduction in the standard model.
Category / Keywords: proof of knowledge, access structure, attribute-based, identification, signature, two-tier keys
Original Publication (with major differences): The 2nd ACM ASIA Public-Key Cryptography Workshop - ASIAPKC 2014, The 18th Annual International Conference on Information Security and Cryptology - ICISC 2015
DOI: 10.1145/2600694.2600696, 10.1007/978-3-319-30840-1_3
Date: received 19 May 2016, last revised 12 Jan 2017
Contact author: anada at sun ac jp
Available format(s): PDF | BibTeX Citation
Note: Witness-indistinguishability was emphasized.
Version: 20170112:105033 (All versions of this report)
Short URL: ia.cr/2016/483
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]