In this paper we propose a new variant of group signatures that provides linkability in a flexible and user-centric manner. Users – and only they – can decide before and after signature creation whether they should remain linkable or be correlated. To prevent attacks where a user omits certain signatures when a sequence of events in a certain section (e.g., time frame), should be linked, we further extend this new primitive to allow for sequential link proofs. Such proofs guarantee that the provided sequence of data is not only originating from the same signer, but also occurred in that exact order and contains all of the user’s signatures within the time frame. We formally define the desired security and privacy properties, propose a provably secure construction based on DL-related assumptions and report on a prototypical implementation of our scheme.
Category / Keywords: public-key cryptography / Privacy, Utility, User-centric security Original Publication (with major differences): PKC 2021 Date: received 19 Feb 2021 Contact author: jdv at zurich ibm com, anja lehmann@hpi de, jesus diaz vico@gmail com Available format(s): PDF | BibTeX Citation Version: 20210220:173803 (All versions of this report) Short URL: ia.cr/2021/181