Paper 2019/382
Hierarchical Attribute-based Signatures: Short Keys and Optimal Signature Length
Daniel Gardham and Mark Manulis
Abstract
With Attribute-based Signatures (ABS) users can simultaneously sign messages and prove compliance of their attributes, issued by designated attribute authorities, with some verification policy. Neither signer's identity nor possessed attributes are leaked during the verification process, making ABS schemes a handy tool for applications requiring privacy-preserving authentication. Earlier ABS schemes lacked support for hierarchical delegation of attributes (across tiers of attribute authorities down to the signers), a distinct property that has made traditional PKIs more scalable and widely adoptable. This changed recently with the introduction of Hierarchical ABS (HABS) schemes, where support for attribute delegation was proposed in combination with stronger privacy guarantees for the delegation paths (path anonymity) and new accountability mechanisms allowing a dedicated tracing authority to identify these paths (path traceability) and the signer, along with delegated attributes, if needed. Yet, current HABS construction is generic with inefficient delegation process resulting in sub-optimal signature lengths of order $O(k^{2}|\Psi|)$ where $\Psi$ is the policy size and $k$ the height of the hierarchy. This paper proposes a direct HABS construction in bilinear groups that significantly improves on these bounds and satisfies the original security and privacy requirements. At the core of our HABS scheme is a new delegation process based on the length-reducing homomorphic trapdoor commitments to group elements for which we introduce a new delegation technique allowing step-wise commitments to additional elements without changing the length of the original commitment and its opening. While also being of independent interest, this technique results in shorter HABS keys and achieves the signature-length growth of $O(k|\Psi|)$ which is optimal due to the path-traceability requirement.
Note: This is the full version of a paper that appeared at ACNS 2019 under the same name. Updated Proofs & typos.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Major revision. ACNS 2019
- Keywords
- Attribute-based Signaturesdelegationhierarchypath anonymitypath traceabilitynon-frameabilityprivacy
- Contact author(s)
- d gardham @ surrey ac uk
- History
- 2019-05-23: last of 2 revisions
- 2019-04-16: received
- See all versions
- Short URL
- https://ia.cr/2019/382
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/382, author = {Daniel Gardham and Mark Manulis}, title = {Hierarchical Attribute-based Signatures: Short Keys and Optimal Signature Length}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/382}, year = {2019}, url = {https://eprint.iacr.org/2019/382} }