nach oben

Designs, Codes and Cryptography

Erschienen in:

28.09.2016

A code-based group signature scheme

verfasst von: Quentin Alamélou, Olivier Blazy, Stéphane Cauchie, Philippe Gaborit

Erschienen in: Designs, Codes and Cryptography | Ausgabe 1-2/2017

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

This work is the extended version of Alamélou et al. (in: Tillich et al. (eds.) The 9th International workshop on coding and cryptography 2015 (WCC2015), 2015) which proposed the first code-based group signature. The new group signature scheme we present here has numerous advantages over all existing post-quantum constructions and even competes (in terms of properties) with pairing based constructions: it allows to add new members during the lifetime of the group (dynamic). Plus, it appears that our scheme might be extended into a traceable signature according to the definition of Kiayias et al. (in: Cachin and Camenisch (eds.) Advances in cryptology—EUROCRYPT 2004, 2004) (KTY model) while handling membership revocation. Our security is based on a relaxation of the model of Bellare et al. (in: Topics in cryptology—CT-RSA 2005, 2005) (BSZ model) verifying the properties of anonymity, traceability and non-frameability. The main idea of our scheme consists in building an offset collision of two syndromes associated to two different matrices: a random one which enables to build a random syndrome from a chosen small weight vector; and a trapdoor matrix for the syndrome decoding problem, which permits to find a small weight preimage of the previous random syndrome to which a fixed syndrome is added. These two small weight vectors will constitute the group member’s secret signing key whose knowledge will be proved thanks to a variation of Stern’s authentication protocol. For applications, we consider the case of the code-based CFS signature scheme (Nicolas in Advances in cryptology—ASIACRYPT 2001, 2001) of Courtois, Finiasz and Sendrier. If one denotes by N the number of group members, CFS leads to signatures and public keys sizes in \(N^{1/\sqrt{{\log }(N)}}\). Along with this work, we also introduce a new kind of proof of knowledge, Testable weak Zero Knowledge (TwZK), implicitly covered in the short version of this paper (Alamélou et al. in: Tillich et al. (eds.) The 9th international workshop on coding and cryptography 2015 (WCC2015), 2015). TwZK proofs appear particularly well fitted in the context of group signature schemes: it allows a verifier to test whether a specific witness is used without learning anything more from the proof. Under the random oracle model (ROM), we ensure the security of our scheme by defining the One More Syndrome Decoding problem, a new code-based problem related to the syndrome decoding problem (Berlekamp et al. in IEEE Trans Inf Theory 24(3):384–386, 1978).

Vorheriger Artikel Algebraic decoding of folded Gabidulin codes

Nächster Artikel Improving the security and efficiency of block ciphers based on LS-designs

Chaum D., van Heyst E.: Group signatures. In: Advances in Cryptology—EUROCRYPT ’91, Workshop on the Theory and Application of Cryptographic Techniques, Brighton 8–11 April 1991, Proceedings, pp. 257–265 (1991).

Bellare M., Micciancio D., Warinschi B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Advances in Cryptology—EUROCRYPT 2003, International Conference on the Theory and Applications of Cryptographic Techniques, Warsaw, 4–8 May 2003, Proceedings, pp. 614–629 (2003).

Bellare M., Shi H., Zhang C.: Foundations of group signatures: the case of dynamic groups. In: Topics in Cryptology—CT-RSA 2005, The Cryptographers’ Track at the RSA Conference 2005, San Francisco, 14–18 Feb 2005, Proceedings, pp. 136–153 (2005).

Boneh D., Boyen X., Shacham H.: Short group signatures. In: Advances in Cryptology—CRYPTO 2004, 24th Annual International Cryptology Conference, Santa Barbara, 15–19 Aug 2004, Proceedings, pp. 41–55 (2004).

Boneh D., Shacham H.: Group signatures with verifier-local revocation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), Washington, DC, 25–29 Oct 2004, pp. 168–177 (2004).

Camenisch J., Lysyanskaya A.: Signature schemes and anonymous credentials from bilinear maps. In: Advances in Cryptology—CRYPTO 2004, 24th Annual International Cryptology Conference, Santa Barbara, 15–19 Aug 2004, Proceedings, pp. 56–72 (2004).

Delerablée C., Pointcheval D.: Dynamic fully anonymous short group signatures. In: Progress in Cryptology—VIETCRYPT 2006, First International Conference on Cryptology in Vietnam, 25–28 Sept 2006, Revised Selected Papers, pp. 193–210 (2006).

Groth J.: Fully anonymous group signatures without random oracles. In: Advances in Cryptology—ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, 2–6 Dec 2007, Proceedings, pp. 164–180 (2007).

Kiayias A., Tsiounis Y., Yung M.: Traceable signatures. In: Cachin C., Camenisch J.L. (eds.) Advances in Cryptology—EUROCRYPT 2004. Lecture Notes in Computer Science, vol. 3027, pp. 571–589. Springer, Berlin (2004).

10.

Libert B., Yung M.: Efficient traceable signatures in the standard model. In: Pairing-Based Cryptography—Pairing 2009, Third International Conference, Palo Alto, 12–14 Aug 2009, Proceedings, pp. 187–205 (2009).

11.

Gordon S.D., Katz J., Vaikuntanathan V.: A group signature scheme from lattice assumptions. In: Advances in Cryptology—ASIACRYPT 2010, 16th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, 5–9 Dec 2010, Proceedings, pp. 395–412 (2010).

12.

Laguillaumie F., Langlois A., Libert B., Stehlé D.: Lattice-based group signatures with logarithmic signature size. In: Advances in Cryptology—ASIACRYPT 2013, 19th International Conference on the Theory and Application of Cryptology and Information Security, Bengaluru, 1–5 Dec 2013, Proceedings, Part II, pp. 41–61 (2013).

13.

Langlois A., Ling S., Nguyen K., Wang H.: Lattice-based group signature scheme with verifier-local revocation. In: Public-Key Cryptography—PKC 2014, 17th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, 26–28 March 2014, Proceedings, pp. 345–361 (2014).

14.

Ling S., Nguyen K., Wang H.: Group signatures from lattices: simpler, tighter, shorter, ring-based. In: Public-Key Cryptography—PKC 2015, 18th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, 30 March–1 April 2015, Proceedings, pp. 427–449 (2015).

15.

Nguyen P.Q., Zhang J., Zhang Z.: Simpler efficient group signatures from lattices. In: Public-Key Cryptography—PKC 2015, 18th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, 30 March–1 April 2015, Proceedings, pp. 401–426 (2015).

16.

Ezerman M.F., Lee H.T., Ling, S., Nguyen, K., Wang, H.: A provably secure group signature scheme from code-based assumptions. In: IACR Cryptology ePrint Archive 2015, 479 (2015).

17.

Libert B., Ling S., Mouhartem F., Nguyen K., Wang H.: Signature schemes with efficient protocols and dynamic group signatures from lattice assumptions. In: IACR Cryptology ePrint Archive 2016, 101 (2016).

18.

Courtois N., Finiasz M., Sendrier N.: How to achieve a McEliece-based digital signature scheme. In: Advances in Cryptology—ASIACRYPT 2001, 7th International Conference on the Theory and Application of Cryptology and Information Security, Gold Coast, 9–13 Dec 2001, Proceedings, pp. 157–174 (2001).

19.

Alamélou Q., Blazy O., Cauchie S., Gaborit P.: A code-based group signature scheme. In: Charpin P., Sendrier N., Tillich J.-P. (eds.) The 9th International Workshop on Coding and Cryptography 2015 WCC2015, Proceedings of the 9th International Workshop on Coding and Cryptography 2015 (WCC2015), France, April 2015.

20.

Goldwasser S., Micali S., Rackoff C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989).

21.

Berlekamp E.R., McEliece R.J., van Tilborg H.C.A.: On the inherent intractability of certain coding problems (corresp.). IEEE Trans. Inf. Theory 24(3), 384–386 (1978).

22.

MacWilliams F.J., Sloane N.J.A.: The Theory of Error-Correcting Codes, 2nd edn. North-Holland, Amsterdam (1978).

23.

Arora S., Babai L., Stern J., Sweedyk Z.: The hardness of approximate optima in lattices, codes, and systems of linear equations. In: 34th Annual Symposium on Foundations of Computer Science, Palo Alto, 3–5 Nov 1993, pp. 724–733 (1993).

24.

Bellare M., Namprempre C., Pointcheval D., Semanko M.: The one-more-RSA-inversion problems and the security of Chaum’s blind signature scheme. J. Cryptol. 16(3), 185–215 (2003).

25.

Stern J.: A new identification scheme based on syndrome decoding. In: Advances in Cryptology—CRYPTO ’93, 13th Annual International Cryptology Conference, Santa Barbara, 22–26 Aug 1993, Proceedings, pp. 13–21 (1993).

26.

Stern J.: A new paradigm for public key identification. IEEE Trans. Inf. Theory 42(6), 1757–1768 (1996).

27.

Fiat A., Shamir A.: How to prove yourself: practical solutions to identification and signature problems. In: Advances in Cryptology—CRYPTO ’86, Santa Barbara, 1986, Proceedings, pp. 186–194 (1986).

28.

Feige U., Shamir A.: Witness indistinguishable and witness hiding protocols. In: Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, 13–17 May 1990, Baltimore, pp. 416–426 (1990).

29.

Faugère J.-C., Gauthier-Umaña V., Otmani A., Perret L., Tillich J.-P.: A distinguisher for high rate mceliece cryptosystems. In: 2011 IEEE Information Theory Workshop, ITW 2011, Paraty Brazil, 16–20 Oct 2011, pp. 282–286 (2011).

30.

Mathew, K. P., Vasant, S., Rangan, C. P.: A provably secure signature and signcryption scheme using the hardness assumptions in coding theory. In: Lee H.-S., Han D.-G. (eds.) Information Security and Cryptology—ICISC 2013: 16th International Conference, Seoul, Korea, 27–29 Nov 2013, Revised Selected Papers, pp. 342–362 (2013).

31.

Becker A., Joux A., May A., Meurer A.: Decoding random binary linear codes in 2 n/20: how \(1 + 1 = 0\) improves information set decoding. In: Advances in Cryptology—EUROCRYPT 2012, 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cambridge, 15–19 April 2012, Proceedings, pp. 520–536 (2012).

32.

Finiasz M., Sendrier N.: Security bounds for the design of code-based cryptosystems. In: Advances in Cryptology—ASIACRYPT 2009, 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, 6–10 Dec 2009. Proceedings, pp. 88–105 (2009).

Titel: A code-based group signature scheme
verfasst von: Quentin Alamélou
Olivier Blazy
Stéphane Cauchie
Philippe Gaborit
Publikationsdatum: 28.09.2016
Verlag: Springer US
Erschienen in: Designs, Codes and Cryptography / Ausgabe 1-2/2017
Print ISSN: 0925-1022
Elektronische ISSN: 1573-7586
DOI: https://doi.org/10.1007/s10623-016-0276-6

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 1-2/2017

Improving impossible-differential attacks against Rijndael-160 and Rijndael-224

Redefining the transparency order

Optimal software-implemented Itoh–Tsujii inversion for

Symmetric disjunctive list-decoding codes

On some permutation binomials and trinomials over

Cover-free codes and separating system codes