The short secret key characteristic of the elliptic curve cryptosystem (ECC) is integrated with the (t, n) threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang's conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters change only a little. The cryptanalysis result shows that the scheme is efficient and secure.
In this paper, a new dynamic group signature scheme is proposed. It allows the group manager to increase or delete group members flexibly. Furthermore, the length of group signatures, as well as the computational effort for signing, verifying and opening are very small and independent of the number of group members and deleted group members. So it is efficient.
We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach Girault's trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent of the numbers of the group.
A multi-proxy quantum group signature scheme with threshold shared verification is proposed. An original signer may authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy group can generate the proxy signature on behalf of the original signer. In the scheme, any t or more of n receivers can verify the message and any t - 1 or fewer receivers cannot verify the validity of the proxy signature.
Non-Interactive Zero-Knowledge (NIZK for short) proofs are fascinating and extremely useful in many security protocols. In this paper, a new group signature scheme, decisional linear assumption group signature (DLAGS for short) with NIZK proofs, is proposed, which can prove and sign multiple values rather than individual bits based on the DLIN assumption. DLAGS does not need interaction between the verifier and issuer, which can decrease the communication times and storage cost compared with the existing interactive group signature schemes. We prove and sign the blocks of messages instead of limiting the proved message to only one bit (0 or 1) in the conventional non-interactive zero-knowledge proof system, and we also prove that our scheme satisfies the properties of anonymity, unlinkability and traceability. Finally, our scheme is compared with the other scheme (Benoitt's scheme), which is also based on the NIZK proof system and the DLIN assumption, and the results show that our scheme requires fewer members of groups and computational times.
Xie and Yu (2005) proposed a group signature scheme and claimed that it is the most efficient group signature scheme so far and secure. In this paper, we show that two dishonest group members can collude to launch two attacks on the scheme. In the first attack they can derive the group secret key and then generate untraceable group signatures. In the second attack, they can impersonate other group members once they see their signatures. Therefore we conclude that the signature scheme is not secure. We show that some parameters should be carefully selected in the scheme to resist our attacks.
The concept of generalized group signature scheme will be presented. Based on the generalized secret sharing scheme proposed by Lin and Harn, a non-interactive approach is designed for realizing such a generalized group signature scheme. Using the new scheme, the authorized subsets of the group in which the group members can cooperate to produce the valid signature for any message can be randomly specified.
Up to now, how to construct an efficient secure group signature scheme, which need not reset the system when some group members' signing keys are exposed, is still a difficult problem. A construction concerning revocation of group members is an ideal one if it satisfies forward security, which makes it more attractive for not sacrificing the security of past signatures of deleted members. This paper analyses the problem and gives a construction in which the group manager can be untrustworthy. The scheme is efficient even when the number of revoked members is large.
How to find efficient and secure membership revocation algorithms is one of the most important issues standing in the way of real-world applications of group signatures. In this paper, the proof of knowledge of divisibility is given and a novel membership revocation method in the ACJT group signature scheme is proposed: the group manager issues the product E of the public keys of current members in the group; when a group member wants to sign, he should not only prove that he has a membership certificate, but also prove in zero knowledge that the public key in his certificate divides exactly the public key product E. The proposed method is efficient since the group manager only needs one division and one exponentiation when a group member is deleted, while the signing and verifying procedures are independent of the number of current group members and excluded members, and the original group public key and membership certificates needn't be changed.
A new group signature with one time secret key is proposed. The main merits are that it only needs the trusted center issuing the partial secret key one time for each group member; and that the group member can generate his different secret key each time when he wants to sign a message. The group public key is constant and the size of the signature is independent of the number of group members. The total computation cost of signature and verification requires only 8 modular exponentiations.
Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign messages. To counter misuse, the anonymity can be revoked by the group manager. The group joining operation is a critical component of a group signature scheme; the framing attack can be prevented by group joining processes. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear Diffie-Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.
Although the existing group signature schemes from lattice have been optimized for efficiency, the signing abilities of each member in the group are relatively single. It may not be suitable for complex applications. Inspired by the pioneering work of Bellare and Fuchsbauer, we present a primitive called policy-based group signature. In policy-based group signatures, group members can sign documents that meet their own policies on behalf of the group, and the generated signatures will not leak the identity and policies of the signer. Moreover, the group administrator is allowed to reveal the identity of the signer when a controversy occurs. Through the analysis of application scenarios, we concluded that the policy-based group signature needs to meet two essential security properties: simulatability and traceability. We construct a scheme of policy-based group signature from lattice through techniques such as commitment, zero-knowledge proof, and rejection sampling. The security of our scheme is proved to be reduced to the module short integer solution (MSIS) and module learning with errors (MLWE) hard assumptions. Furthermore, we make a performance comparison between our scheme and three lattice-based group signature schemes. The result shows that our scheme has more advantages in storage overhead, and the sizes of key and signature are decreased roughly by 83.13% and 46.01%, respectively, compared with other schemes.
This paper describes the research results and development of fair off-line e-cash systems so far, and points out that in these systems, the bank can compute the double-spender’s account secret key, thus the bank can impersonate the double-spender to withdraw from the double-spender’s account. This article utilizes anonymity control and group signature to address this shortcoming. Key words: electronic cash; anonymity control; group signature. CLC number: TP 309. Foundation item: Supported by the National Natural Science Foundation of China (90204015). Biography: SU Yun-xue (1975-), male, Ph.D., research direction: the software and theory of computer and information security.
A quantum group signature (QGS) scheme is proposed on the basis of an improved quantum chaotic encryption algorithm using the quantum one-time pad with a chaotic operation string. It involves a small-scale quantum computation network in three phases, i.e. initializing phase, signing phase and verifying phase. In the scheme, a member of the group signs the message on behalf of the group while the receiver verifies the signature's validity with the aid of the trusty group manager who plays a crucial role when a possible dispute arises. Analysis result shows that the signature can neither be forged nor disavowed by any malicious attackers.
During the establishment of group signature scheme, the parameter information used by the group members is often derived from the group center, and the members are likely to lack immune function to the center. To overcome this, a new signature scheme with immune function to the group center is proposed. In the scheme, group members and centers each have independent secret information, but they can authenticate each other. A large amount of content in the calculation process is implemented by group members (terminals), which reduces the computation done by the group center. Furthermore, the scheme also features anti-common modulus attack, anti-joint attack, anti-detriment, revocation and so on.
Along with the increase of wearable medical device, the privacy leakage problem in the process of transmission between these edge medical devices. The blockchain-enabled Internet of Medical Things (BIoMT) has been developed to reform traditional centralized medical system in recent years. This paper first introduces a data anonymous authentication model to protect user privacy and medical data in BIoMT. Then, a proxy group signature (PGS) scheme has been proposed based on lattice assumption. This scheme can well satisfy the anonymous authentication demand for the proposed model, and provide anti-quantum attack security for BIoMT in the future general quantum computer age. Moreover, the security analysis shows this PGS scheme is secure against the dynamical-almost-full anonymous and traceability. The efficiency comparison shows the proposed model and PGS scheme are more efficient and practical.
Blockchain technology provides transparency and reliability by sharing transactions and maintaining the same information through consensus among all participants. However, single-signature applications in transactions can lead to user identification issues due to the reuse of public keys. To address this issue, group signatures can be used, where the same group public key is used to verify signatures from group members to provide anonymity to users. However, in dynamic groups where membership may change, an attack can occur where a user who has left the group can disguise themselves as a group member by leaking a partial key. This problem cannot be traced back to the partial key leaker. In this paper, we propose assigning different partial keys to group members to trace partial key leakers and partially alleviate the damage caused by partial key leaks. Existing schemes have shown that arbitrary tracing issues occurred when a single administrator had exclusive key generation and tracing authority. This paper proposes a group signature scheme that solves the synchronization problem by involving a threshold number of TMs while preventing arbitrary tracing by distributing authority among multiple TMs.
We propose short group signature (GS) schemes which are provably secure without random oracles. Our basic scheme is about 14 times shorter than the Boyen-Waters GS scheme at Eurocrypt 2006, and 42% shorter than the recent GS schemes due to Ateniese et al. The security proofs are provided in the Universally Composable model, which allows the proofs of security to be valid not only when our scheme is executed in isolation, but also in composition with other secure cryptographic primitives. We also present several new computational assumptions and justify them in the generic group model. These assumptions are useful in the design of high-level protocols and may be of independent interest.
The group signature scheme is an important primitive in cryptography; it allows members in a group to generate signatures anonymously on behalf of the whole group. In view of the practical application of such schemes, it is necessary to allow users' registration and revocation when necessary, which makes the construction of dynamic group signature schemes a significant direction. On the basis of (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017), we present the first full dynamic group signature scheme over ring, and under the premise of ensuring security, the efficiency of the scheme is improved mainly from the following three aspects: the size of keys, the dynamic construction of a Merkle hash tree that is used to record the information of registered users, and the reuse of the leaves in this tree. In addition, the public and secret keys of both group manager and trace manager are generated by a trusted third party, which prevents the situation that the two managers generate their respective public key and secret key maliciously. Compared with the counterpart of the scheme in (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017) over ring, the expected space complexity of the Merkle tree used in our work is down almost by half, and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
A forward-secure group signature (FSGS) ensures the unforgeability of signatures in the past time period even if the signing secret key is leaked in the current time period. As we know, traditional FSGS schemes mostly rely on number-theoretic assumptions unable to resist quantum attacks. Therefore, we present an efficient lattice-based fully dynamic (i.e., users can flexibly join or quit the group) forward-secure group signature (DFSGS) by combining an improved version of the FSGS scheme proposed by Ling. Based on an efficient zero-knowledge argument, we construct an argument of knowledge of the committed value and the plaintext that helps with privacy protection. Our DFSGS scheme is proved to be anonymous and forward-secure traceable relying on short integer solution and learning with errors assumptions in the random oracle model. Moreover, the lengths of the group public key and signature of our DFSGS scheme have been improved, and the length of the user secret key has no connection with the quantity of group members.
Funding: The National Natural Science Foundation of China (No. 60403027)
Abstract: The short secret key characteristic of the elliptic curve cryptosystem (ECC) is integrated with the (t, n) threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang's conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters change only a little. The cryptanalysis result shows that the scheme is efficient and secure.
Funding: Supported by the Scientific Research Plan Project of the Education Department of Shaanxi Province (06JK197)
Abstract: In this paper, a new dynamic group signature scheme is proposed. It allows the group manager to increase or delete group members flexibly. Furthermore, the length of group signatures, as well as the computational effort for signing, verifying and opening are very small and independent of the number of group members and deleted group members. So it is efficient.
Funding: Supported by National Natural Science Foundation of China (No. 60503006 and No. 60403007) and Natural Science Foundation of Guangdong, China (No. 04205407).
Abstract: We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach Girault's trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent of the numbers of the group.
Funding: Project supported by the National Basic Research Program of China (973 Program) (Grant No 2007CB311100); the National High Technology Research and Development Program of China (Grant Nos 2006AA01Z419 and 20060101Z4015); the Major Research plan of the National Natural Science Foundation of China (Grant No 90604023); 2008 Scientific Research Common Program of Beijing Municipal Commission of Education; The Scientific Research Foundation for the Youth of Beijing University of Technology (Grant No 97007016200701); the National Research Foundation for the Doctoral Program of Higher Education of China (Grant No 20040013007); the National Laboratory for Modern Communications Science Foundation of China (Grant No 9140C1101010601); the Doctor Scientific Research Activation Foundation of Beijing University of Technology (Grant No 52007016200702)
Abstract: A multi-proxy quantum group signature scheme with threshold shared verification is proposed. An original signer may authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy group can generate the proxy signature on behalf of the original signer. In the scheme, any t or more of n receivers can verify the message and any t - 1 or fewer receivers cannot verify the validity of the proxy signature.
Funding: Supported by the National High-Tech Research and Development Plan of China under Grant Nos. 863-317-01-04-99, 2009AA01Z122 (863); the Natural Science Foundation of Shenyang City of China under Grant No. F10-205-1-12
Abstract: Non-Interactive Zero-Knowledge (NIZK for short) proofs are fascinating and extremely useful in many security protocols. In this paper, a new group signature scheme, decisional linear assumption group signature (DLAGS for short) with NIZK proofs, is proposed, which can prove and sign multiple values rather than individual bits based on the DLIN assumption. DLAGS does not need interaction between the verifier and issuer, which can decrease the communication times and storage cost compared with the existing interactive group signature schemes. We prove and sign the blocks of messages instead of limiting the proved message to only one bit (0 or 1) in the conventional non-interactive zero-knowledge proof system, and we also prove that our scheme satisfies the properties of anonymity, unlinkability and traceability. Finally, our scheme is compared with the other scheme (Benoitt's scheme), which is also based on the NIZK proof system and the DLIN assumption, and the results show that our scheme requires fewer members of groups and computational times.
Funding: Project (No. 60472032) supported by the National Natural Science Foundation of China
Abstract: Xie and Yu (2005) proposed a group signature scheme and claimed that it is the most efficient group signature scheme so far and secure. In this paper, we show that two dishonest group members can collude to launch two attacks on the scheme. In the first attack they can derive the group secret key and then generate untraceable group signatures. In the second attack, they can impersonate other group members once they see their signatures. Therefore we conclude that the signature scheme is not secure. We show that some parameters should be carefully selected in the scheme to resist our attacks.
Funding: Supported by the National 973 Project (G1998030420)
Abstract: The concept of generalized group signature scheme will be presented. Based on the generalized secret sharing scheme proposed by Lin and Harn, a non-interactive approach is designed for realizing such a generalized group signature scheme. Using the new scheme, the authorized subsets of the group in which the group members can cooperate to produce the valid signature for any message can be randomly specified.
Funding: The National Natural Science Foundation of China (No. 60673081); the National Grand Foundation Research 863 Program of China (No. 2006AA01Z417).
Abstract: Up to now, how to construct an efficient secure group signature scheme, which need not reset the system when some group members' signing keys are exposed, is still a difficult problem. A construction concerning revocation of group members is an ideal one if it satisfies forward security, which makes it more attractive for not sacrificing the security of past signatures of deleted members. This paper analyses the problem and gives a construction in which the group manager can be untrustworthy. The scheme is efficient even when the number of revoked members is large.
Funding: Supported in part by the National Nature Science Foundation of China under Grant No. 60473027
Abstract: How to find efficient and secure membership revocation algorithms is one of the most important issues standing in the way of real-world applications of group signatures. In this paper, the proof of knowledge of divisibility is given and a novel membership revocation method in the ACJT group signature scheme is proposed: the group manager issues the product E of the public keys of current members in the group; when a group member wants to sign, he should not only prove that he has a membership certificate, but also prove in zero knowledge that the public key in his certificate divides exactly the public key product E. The proposed method is efficient since the group manager only needs one division and one exponentiation when a group member is deleted, while the signing and verifying procedures are independent of the number of current group members and excluded members, and the original group public key and membership certificates needn't be changed.
Funding: Project (No. 10271037) supported by the National Natural Science Foundation of China
Abstract: A new group signature with one time secret key is proposed. The main merits are that it only needs the trusted center issuing the partial secret key one time for each group member; and that the group member can generate his different secret key each time when he wants to sign a message. The group public key is constant and the size of the signature is independent of the number of group members. The total computation cost of signature and verification requires only 8 modular exponentiations.
Funding: This paper is supported by the National Natural Science Foundation of China under Grant No. 61072140, 61373171; the Program of Introducing Talents of Discipline to Universities No. B08038; the Specialized Research Fund for the Doctoral Program of Higher Education No. 20100203110003.
Abstract: Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign messages. To counter misuse, the anonymity can be revoked by the group manager. The group joining operation is a critical component of a group signature scheme; the framing attack can be prevented by group joining processes. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear Diffie-Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.
Funding: Supported by the National Natural Science Foundation of China (61802117); Support Plan of Scientific and Technological Innovation Team in Universities of Henan Province (20IRTSTHN013); the Youth Backbone Teacher Support Program of Henan Polytechnic University under Grant (2018XQG-10).
Abstract: Although the existing group signature schemes from lattice have been optimized for efficiency, the signing abilities of each member in the group are relatively single. It may not be suitable for complex applications. Inspired by the pioneering work of Bellare and Fuchsbauer, we present a primitive called policy-based group signature. In policy-based group signatures, group members can sign documents that meet their own policies on behalf of the group, and the generated signatures will not leak the identity and policies of the signer. Moreover, the group administrator is allowed to reveal the identity of the signer when a controversy occurs. Through the analysis of application scenarios, we concluded that the policy-based group signature needs to meet two essential security properties: simulatability and traceability. We construct a scheme of policy-based group signature from lattice through techniques such as commitment, zero-knowledge proof, and rejection sampling. The security of our scheme is proved to be reduced to the module short integer solution (MSIS) and module learning with errors (MLWE) hard assumptions. Furthermore, we make a performance comparison between our scheme and three lattice-based group signature schemes. The result shows that our scheme has more advantages in storage overhead, and the sizes of key and signature are decreased roughly by 83.13% and 46.01%, respectively, compared with other schemes.
Abstract: This paper describes the research results and development of fair off-line e-cash systems so far, and points out that in these systems, the bank can compute the double-spender’s account secret key, thus the bank can impersonate the double-spender to withdraw from the double-spender’s account. This article utilizes anonymity control and group signature to address this shortcoming. Key words: electronic cash; anonymity control; group signature. CLC number: TP 309. Foundation item: Supported by the National Natural Science Foundation of China (90204015). Biography: SU Yun-xue (1975-), male, Ph.D., research direction: the software and theory of computer and information security.
基金Project(61379057)supported by the National Natural Science Foundation of ChinaProject supported by the Construct Program of the Key Discipline in Hunan University of Arts and Science,China+1 种基金Project(2012BS01)supported by Science Technology Research and Development Projects of Changde,ChinaProject supported by Science and the MEST2012-002521,NRF,Korea
Abstract: A quantum group signature (QGS) scheme is proposed on the basis of an improved quantum chaotic encryption algorithm using the quantum one-time pad with a chaotic operation string. It involves a small-scale quantum computation network in three phases, i.e. initializing phase, signing phase and verifying phase. In the scheme, a member of the group signs the message on behalf of the group while the receiver verifies the signature's validity with the aid of the trusty group manager who plays a crucial role when a possible dispute arises. The analysis result shows that the signature can neither be forged nor disavowed by any malicious attackers.
Abstract: During the establishment of a group signature scheme, the parameter information used by the group members is often derived from the group center, and the members are likely to lack immune function to the center. To overcome this, a new signature scheme with immune function to the group center is proposed. In the scheme, group members and centers each have independent secret information, but they can authenticate each other. A large amount of content in the calculation process is implemented by group members (terminals), which reduces the computation done by the group center. Furthermore, the scheme also features anti-common modulus attack, anti-joint attack, anti-detriment, revocation and so on.
Funding: This work was supported by the National Natural Science Foundation of China under Grants 92046001, 61962009, the Doctor Scientific Research Fund of Zhengzhou University of Light Industry under Grant 2021BSJJ033, and the Key Scientific Research Project of Colleges and Universities in Henan Province (CN) under Grant No. 22A413010.
Abstract: Along with the increase of wearable medical devices, there is a privacy leakage problem in the process of transmission between these edge medical devices. The blockchain-enabled Internet of Medical Things (BIoMT) has been developed to reform the traditional centralized medical system in recent years. This paper first introduces a data anonymous authentication model to protect user privacy and medical data in BIoMT. Then, a proxy group signature (PGS) scheme is proposed based on a lattice assumption. This scheme can well satisfy the anonymous authentication demand of the proposed model, and provide anti-quantum attack security for BIoMT in the future general quantum computer age. Moreover, the security analysis shows this PGS scheme is secure with respect to dynamical-almost-full anonymity and traceability. The efficiency comparison shows the proposed model and PGS scheme are more efficient and practical.
Funding: Supported by the Institute of Information & communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (RS-2022-00167197, Development of Intelligent 5G/6G Infrastructure Technology for The Smart City); this work was funded by BK21 FOUR (Fostering Outstanding Universities for Research) (5199990914048); supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (2022R1A2B5B01002490); the Soonchunhyang University Research Fund.
Abstract: Blockchain technology provides transparency and reliability by sharing transactions and maintaining the same information through consensus among all participants. However, single-signature applications in transactions can lead to user identification issues due to the reuse of public keys. To address this issue, group signatures can be used, where the same group public key is used to verify signatures from group members to provide anonymity to users. However, in dynamic groups where membership may change, an attack can occur where a user who has left the group can disguise themselves as a group member by leaking a partial key. This problem cannot be traced back to the partial key leaker. In this paper, we propose assigning different partial keys to group members to trace partial key leakers and partially alleviate the damage caused by partial key leaks. Existing schemes have shown that arbitrary tracing issues occurred when a single administrator had exclusive key generation and tracing authority. This paper proposes a group signature scheme that solves the synchronization problem by involving a threshold number of TMs while preventing arbitrary tracing by distributing authority among multiple TMs.
Funding: This work is supported by the National Natural Science Foundation of China under Grant No. 60473027, ARC Discovery Grant of Australia under Grant No. DP0557493, and China Postdoctoral Science Foundation (Grant No. 20060400035).
Abstract: We propose short group signature (GS) schemes which are provably secure without random oracles. Our basic scheme is about 14 times shorter than the Boyen-Waters GS scheme at Eurocrypt 2006, and 42% shorter than the recent GS schemes due to Ateniese et al. The security proofs are provided in the Universally Composable model, which allows the proofs of security to be valid not only when our scheme is executed in isolation, but also in composition with other secure cryptographic primitives. We also present several new computational assumptions and justify them in the generic group model. These assumptions are useful in the design of high-level protocols and may be of independent interest.
Funding: This work was supported by National Natural Science Foundation of China (Grant No. 61379141 and No. 61772521), Key Research Program of Frontier Sciences, CAS (Grant No. QYZDB-SSW-SYS035), and the Open Project Program of the State Key Laboratory of Cryptology.
Abstract: The group signature scheme is an important primitive in cryptography; it allows members in a group to generate signatures anonymously on behalf of the whole group. In view of the practical application of such schemes, it is necessary to allow users' registration and revocation when necessary, which makes the construction of dynamic group signature schemes a significant direction. On the basis of (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017), we present the first full dynamic group signature scheme over ring, and under the premise of ensuring security, the efficiency of the scheme is improved mainly from the following three aspects: the size of keys, the dynamic construction of a Merkle hash tree that is used to record the information of registered users, and the reuse of the leaves in this tree. In addition, the public and secret keys of both the group manager and the trace manager are generated by a trusted third party, which prevents the situation that the two managers generate their respective public key and secret key maliciously. Compared with the counterpart of the scheme in (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017) over ring, the expected space complexity of the Merkle tree used in our work is down almost by half, and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
Funding: This work is supported by the Major Program of Guangdong Basic and Applied Research (2019B030302008), National Natural Science Foundation of China (61872152), and Science and Technology Program of Guangzhou (201902010081).
Abstract: A forward-secure group signature (FSGS) ensures the unforgeability of signatures in the past time period even if the signing secret key is leaked in the current time period. As we know, traditional FSGS schemes mostly rely on number-theoretic assumptions that are unable to resist quantum attacks. Therefore, we present an efficient lattice-based fully dynamic (i.e., users can flexibly join or quit the group) forward-secure group signature (DFSGS) by combining an improved version of the FSGS scheme proposed by Ling. Based on an efficient zero-knowledge argument, we construct an argument of knowledge of the committed value and the plaintext that helps with privacy protection. Our DFSGS scheme is proved to be anonymous and forward-secure traceable relying on short integer solution and learning with errors assumptions in the random oracle model. Moreover, the lengths of the group public key and signature of our DFSGS scheme have been improved, and the length of the user secret key has no connection with the quantity of group members.