Paper 2014/915

Cryptanalysis of the Structure-Preserving Signature Scheme on Equivalence Classes from Asiacrypt 2014

Yanbin Pan

Abstract

At Asiacrypt 2014, Hanser and Slamanig presented a new cryptographic primitive called a structure-preserving signature scheme on equivalence classes in the message space $(\mathbb{G}_1^*)^\ell$, where $\mathbb{G}_1$ is some additive cyclic group. Based on the signature scheme, they constructed an efficient multi-show attribute-based anonymous credential system that allows an arbitrary number of attributes to be encoded. The signature scheme was claimed to be existentially unforgeable under adaptive chosen-message attacks in the generic group model. However, for $\ell=2$, Fuchsbauer pointed out that a valid existential forgery can be generated with overwhelming probability using 4 adaptive chosen-message queries. Hence, the scheme is existentially forgeable under the adaptive chosen-message attack at least when $\ell=2$. In this paper, we show that even for the general case $\ell\geq 2$, the scheme is \textit{existentially forgeable} under the \textit{non-adaptive} chosen-message attack and \textit{universally forgeable} under the \textit{adaptive} chosen-message attack. Surprisingly, our attacks succeed every time and need fewer queries, which gives a better description of the scheme's security.

Note: The final publication is available at http://link.springer.com/book/10.1007%2F978-3-319-29485-8

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Major revision. CT-RSA 2016
Keywords
Structure-preserving signature, equivalence classes, EUF-CMA, UF-CMA
Contact author(s)
panyanbin @ amss ac cn
History
2016-04-23: revised
2014-11-06: received
Short URL
https://ia.cr/2014/915
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/915,
      author = {Yanbin Pan},
      title = {Cryptanalysis of the Structure-Preserving Signature Scheme on Equivalence Classes from Asiacrypt 2014},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/915},
      year = {2014},
      url = {https://eprint.iacr.org/2014/915}
}