Cryptology ePrint Archive: Report 2020/856

Improving Revocation for Group Signature with Redactable Signature

Olivier Sanders

Abstract: Group signature is a major cryptographic tool allowing anonymous access to a service. However, in practice, access to a service is usually granted for some periods of time, which implies that the signing rights must be deactivated the rest of the time. This requirement thus calls for complex forms of revocation, reminiscent of the concept of time-bound keys. However, schemes satisfying this concept are rare and only allow revocation with limited granularity. That is, signing keys are associated with an expiry time and become definitively useless once the latter is over.

In this paper, we revisit the notion of group signatures with time-bound keys with several contributions. Firstly, we extend this notion to allow high granularity revocation: a member's signing key can in particular be deactivated at some moments and then be automatically reinstated. Secondly, we show that this complex property is actually simple to achieve using redactable signature. In particular, we consider in this context a recent redactable signature scheme from PKC 20 that we improve by dramatically reducing the size of the public key. The resulting construction is of independent interest.

Category / Keywords: cryptographic protocols / redactable signature, group signature, privacy-preserving protocols

Date: received 9 Jul 2020, last revised 15 Jul 2020

Contact author: olivier sanders at orange com

Available format(s): PDF | BibTeX Citation

Note: In the first version of the paper, the anonymity of the group signature scheme relied on a flawed assumption. This is fixed in the subsequent versions.

Version: 20200715:155357 (All versions of this report)

Short URL: ia.cr/2020/856


[ Cryptology ePrint archive ]