TU Darmstadt / ULB / TUbiblio

Relaxed Security Notions for Signatures of Knowledge

Fischlin, Marc ; Onete, Cristina
Hrsg.: Lopez, Javier ; Tsudik, Gene (2011)
Relaxed Security Notions for Signatures of Knowledge.
9th International Conference on Applied Cryptography and Network Security. Nerja, Spain (07.06.2011-10.06.2011)
doi: 10.1007/978-3-642-21554-4_18
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

We revisit the definition of signatures of knowledge by Chase and Lysanskaya (Crypto 2006) which correspond to regular signatures but where the signer also proves knowledge of the secret key to the public key through any signature. From a more abstract point of view, the signer holds a secret witness w to a public NP statement x and any signature to a message allows to extract w given some auxiliary trapdoor information. Besides extractability, Chase and Lysanskaya also demand a strong witness-hiding property, called simulatability, akin to the zero-knowledge property of non-interactive proofs. They also show that this property ensures anonymity for delegatable credentials or for ring signatures, for example.

In this work here we discuss relaxed notions for simulatability and when they are sufficient for applications. Namely, in one notion we forgo any explicit witness-hiding notion, beyond some weak requirement that signatures should not help to produce further signatures, analogously to unforgeability of regular signature schemes. This notion suffices for example for devising regular signature schemes with some additional proof-of-possession (POP) or knowledge-of-secret-key (KOSK) property. Our stronger notion resembles the witness-indistinguishability notion of proofs of knowledge and can be used to build anonymous ring signatures. Besides formal definitions we relate all notions and discuss constructions and the aforementioned applications.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2011
Herausgeber: Lopez, Javier ; Tsudik, Gene
Autor(en): Fischlin, Marc ; Onete, Cristina
Art des Eintrags: Bibliographie
Titel: Relaxed Security Notions for Signatures of Knowledge
Sprache: Englisch
Publikationsjahr: 1 Juni 2011
Verlag: Springer
Buchtitel: Applied Cryptography and Network Security
Reihe: Lecture Notes in Computer Science
Band einer Reihe: 6715
Veranstaltungstitel: 9th International Conference on Applied Cryptography and Network Security
Veranstaltungsort: Nerja, Spain
Veranstaltungsdatum: 07.06.2011-10.06.2011
DOI: 10.1007/978-3-642-21554-4_18
Kurzbeschreibung (Abstract):

We revisit the definition of signatures of knowledge by Chase and Lysanskaya (Crypto 2006) which correspond to regular signatures but where the signer also proves knowledge of the secret key to the public key through any signature. From a more abstract point of view, the signer holds a secret witness w to a public NP statement x and any signature to a message allows to extract w given some auxiliary trapdoor information. Besides extractability, Chase and Lysanskaya also demand a strong witness-hiding property, called simulatability, akin to the zero-knowledge property of non-interactive proofs. They also show that this property ensures anonymity for delegatable credentials or for ring signatures, for example.

In this work here we discuss relaxed notions for simulatability and when they are sufficient for applications. Namely, in one notion we forgo any explicit witness-hiding notion, beyond some weak requirement that signatures should not help to produce further signatures, analogously to unforgeability of regular signature schemes. This notion suffices for example for devising regular signature schemes with some additional proof-of-possession (POP) or knowledge-of-secret-key (KOSK) property. Our stronger notion resembles the witness-indistinguishability notion of proofs of knowledge and can be used to build anonymous ring signatures. Besides formal definitions we relate all notions and discuss constructions and the aforementioned applications.

Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Kryptographie und Komplexitätstheorie
Hinterlegungsdatum: 27 Jun 2011 14:44
Letzte Änderung: 15 Aug 2023 09:56
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen