Paper 2018/610

Hierarchical Attribute-based Signatures

Constantin-Catalin Dragan, Daniel Gardham, and Mark Manulis

Abstract

Attribute-based Signatures (ABS) are a powerful tool allowing users with attributes issued by authorities to sign messages while also proving that their attributes satisfy some policy. ABS schemes provide a flexible and privacy-preserving approach to authentication since the signer's identity and attributes remain hidden within the anonymity set of users sharing policy-conform attributes. Current ABS schemes exhibit some limitations when it comes to the management and issue of attributes. In this paper we address the lack of support for hierarchical attribute management, a property that is prevalent in traditional PKIs where certification authorities are organised into hierarchies and signatures are verified along roots of trust. Hierarchical Attribute-based Signatures (HABS) introduced in this work support delegation of attributes along paths from the top-level authority down to the users while also ensuring that signatures produced by these users do not leak their delegation paths, thus extending the original privacy guarantees of ABS schemes. Our generic HABS construction also ensures unforgeability of signatures in the presence of collusion attacks and contains an extended traceability property allowing a dedicated tracing authority to identify the signer and reveal its attribute delegation paths. We include a public verification procedure for the accountability of the tracing authority. We anticipate that HABS will be useful for privacy-preserving authentication in applications requiring hierarchical delegation of attribute-issuing rights and where knowledge of delegation paths might leak information about signers and their attributes, e.g., in intelligent transport systems where vehicles may require certain attributes to authenticate themselves to the infrastructure but remain untrackable by the latter.

Note: Formatting

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. CANS 2018
DOI
10.1007/978-3-030-00434-7_11
Keywords
Attribute-based Signaturesdelegationhierarchypath anonymitypath traceabilitynon-frameabilityprivacy
Contact author(s)
d gardham @ surrey ac uk
History
2018-10-16: last of 5 revisions
2018-06-22: received
See all versions
Short URL
https://ia.cr/2018/610
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/610,
      author = {Constantin-Catalin Dragan and Daniel Gardham and Mark Manulis},
      title = {Hierarchical Attribute-based Signatures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/610},
      year = {2018},
      doi = {10.1007/978-3-030-00434-7_11},
      url = {https://eprint.iacr.org/2018/610}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.