Paper 2018/610
Hierarchical Attribute-based Signatures
Constantin-Catalin Dragan, Daniel Gardham, and Mark Manulis
Abstract
Attribute-based Signatures (ABS) are a powerful tool allowing users with attributes issued by authorities to sign messages while also proving that their attributes satisfy some policy. ABS schemes provide a flexible and privacy-preserving approach to authentication since the signer's identity and attributes remain hidden within the anonymity set of users sharing policy-conform attributes. Current ABS schemes exhibit some limitations when it comes to the management and issue of attributes. In this paper we address the lack of support for hierarchical attribute management, a property that is prevalent in traditional PKIs where certification authorities are organised into hierarchies and signatures are verified along roots of trust. Hierarchical Attribute-based Signatures (HABS) introduced in this work support delegation of attributes along paths from the top-level authority down to the users while also ensuring that signatures produced by these users do not leak their delegation paths, thus extending the original privacy guarantees of ABS schemes. Our generic HABS construction also ensures unforgeability of signatures in the presence of collusion attacks and contains an extended traceability property allowing a dedicated tracing authority to identify the signer and reveal its attribute delegation paths. We include a public verification procedure for the accountability of the tracing authority. We anticipate that HABS will be useful for privacy-preserving authentication in applications requiring hierarchical delegation of attribute-issuing rights and where knowledge of delegation paths might leak information about signers and their attributes, e.g., in intelligent transport systems where vehicles may require certain attributes to authenticate themselves to the infrastructure but remain untrackable by the latter.
Note: Formatting
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Minor revision. CANS 2018
- DOI
- 10.1007/978-3-030-00434-7_11
- Keywords
- Attribute-based Signaturesdelegationhierarchypath anonymitypath traceabilitynon-frameabilityprivacy
- Contact author(s)
- d gardham @ surrey ac uk
- History
- 2018-10-16: last of 5 revisions
- 2018-06-22: received
- See all versions
- Short URL
- https://ia.cr/2018/610
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2018/610, author = {Constantin-Catalin Dragan and Daniel Gardham and Mark Manulis}, title = {Hierarchical Attribute-based Signatures}, howpublished = {Cryptology {ePrint} Archive, Paper 2018/610}, year = {2018}, doi = {10.1007/978-3-030-00434-7_11}, url = {https://eprint.iacr.org/2018/610} }