Cryptology ePrint Archive: Report 2021/1312

Selectively Linkable Group Signatures - Stronger Security and Preserved Verifiability

Ashley Fraser and Lydia Garms and Anja Lehmann

Abstract: Group signatures allow group members to sign on behalf of the group anonymously. They are therefore well suited to storing data in a way that preserves the users’ privacy, while guaranteeing its authenticity. Garms and Lehmann (PKC’19) introduced a new type of group signatures that balance privacy with utility by allowing to selectively link subsets of the group signatures via an oblivious entity, the converter. The conversion takes a batch of group signatures and blindly transforms signatures originating from the same user into a consistent representation. Their scheme essentially targets a setting where the entity receiving fully unlinkable signatures and the converted ones is the same: only pseudonyms but not full signatures are converted, and the input to the converter is assumed to be well-formed. Thus, the converted outputs are merely linkable pseudonyms but no longer signatures. In this work we extend and strengthen such convertibly linkable group signatures. Conversion can now be triggered by malicious entities too, and the converted outputs can be publicly verified. This preserves the authentication of data during the conversion process. We define the security of this scheme and give a provably secure instantiation. Our scheme makes use of controlled-malleable NIZKs, which allow proofs to be mauled in a controlled manner. This allows signatures to be blinded, while still ensuring they can be verified during conversions.

Category / Keywords: public-key cryptography / group signatures, unlinkability, pseudonyms, privacy-enhancing technologies, controlled malleability

Original Publication (with major differences): CANS 2021 - 20th International Conference on Cryptology And Network Security

Date: received 28 Sep 2021

Contact author: lydia garms at imdea org, a fraser at surrey ac uk, anja lehmann at hpi de

Available format(s): PDF | BibTeX Citation

Version: 20210928:184613 (All versions of this report)

Short URL: ia.cr/2021/1312


[ Cryptology ePrint archive ]