Paper 2021/351

Practical Dynamic Group Signatures Without Knowledge Extractors

Hyoseung Kim, Olivier Sanders, Michel Abdalla, and Jong Hwan Park

Abstract

Dynamic group signature (DGS) allows a user to generate a signature on behalf of a group, while preserving anonymity. Although many existing DGS schemes have been proposed in the random oracle model for achieving efficiency, their security proofs require knowledge extractors that cause loose security reductions. In this paper, we first propose a new practical DGS scheme whose security can be proven without knowledge extractors in the random oracle model. Moreover, our scheme can also be proven in the strong security model where an adversary is allowed to generate group managers’ keys maliciously. The efficiency of our scheme is comparable to existing secure DGS schemes in the random oracle model using knowledge extractors. The security of our scheme is based on a new complexity assumption that is obtained by generalizing the Pointcheval-Sanders (PS) assumption. Although our generalized PS (GPS) assumption is interactive, we prove that, under the symmetric discrete logarithm (SDL) assumption, the new GPS assumption holds in the algebraic group model.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. Minor revision.
Keywords
Algebraic Group ModelGroup SignaturesKnowledge ExtractorsPS assumptionRandom Oracle ModelSubverted CRS
Contact author(s)
hyoseung_kim @ korea ac kr
jhpark @ smu ac kr
History
2021-05-27: revised
2021-03-18: received
See all versions
Short URL
https://ia.cr/2021/351
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/351,
      author = {Hyoseung Kim and Olivier Sanders and Michel Abdalla and Jong Hwan Park},
      title = {Practical Dynamic Group Signatures Without Knowledge Extractors},
      howpublished = {Cryptology ePrint Archive, Paper 2021/351},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/351}},
      url = {https://eprint.iacr.org/2021/351}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.