## Cryptology ePrint Archive: Report 2018/742

Witness-Indistinguishable Arguments with $\Sigma$-Protocols for Bundled Witness Spaces and its Application to Global Identities

Hiroaki Anada and Seiko Arita

Abstract: We propose a generic construction of a $\Sigma$-protocol of commit-and-prove type, which is an AND-composition of $\Sigma$-protocols on statements that include a common commitment. Our protocol enables a prover to convince a verifier that the prover knows a bundle of witnesses that have a common component which we call a base witness point. When the component $\Sigma$-protocols are of witness-indistinguishable argument systems, our $\Sigma$-protocol is also a witness-indistinguishable argument system as a whole. As an application, we propose a decentralized multi-authority anonymous authentication scheme. We first give a syntax and security definitions of the scheme. Then we give a generic construction of the scheme. There a witness is a bundle of witnesses each of which decomposes into a common global identity string and a digital signature on it. We mention an instantiation in the setting of bilinear groups.

Category / Keywords: public-key cryptography / interactive proof, sigma protocol, witness indistinguishability, decentralized, anonymity, collusion resistance

Original Publication (with minor differences): The 2018 International Conference on Information and Communications Security (ICICS2018)

Date: received 13 Aug 2018, last revised 21 May 2019

Contact author: anada at sun ac jp

Available format(s): PDF | BibTeX Citation

Note: The probability evaluation was corrected.

Short URL: ia.cr/2018/742

[ Cryptology ePrint archive ]