Non-Interactive Plaintext (In-)Equality Proofs and Group Signatures with Verifiable Controllable Linkability

Olivier Blazy, David Derler, Daniel Slamanig, Raphael Spreitzer

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

Group signatures are an important privacy-enhancing tool that allow to anonymously sign messages on behalf of a group. A recent feature for group signatures is controllable linkability, where a dedicated linking authority (LA) can determine whether two given signatures stem from the same signer without being able to identify the signer(s). Currently the linking authority is fully trusted, which is often not desirable.

In this paper, we firstly introduce a generic technique for non-interactive zero-knowledge plaintext equality and inequality proofs. In our setting, the prover is given two ciphertexts and some trapdoor information, but neither has access to the decryption key nor the randomness used to produce the respective ciphertexts. Thus, the prover performs these proofs on unknown plaintexts. Besides a generic technique, we also propose an efficient instantiation that adapts recent results from Blazy et al. (CT-RSA'15), and in particular a combination of Groth-Sahai (GS) proofs (or sigma proofs) and smooth projective hash functions (SPHFs).

While this result may be of independent interest, we use it to realize verifiable controllable linkability for group signatures. Here, the LA is required to non-interactively prove whether or not two signatures link (while it is not able to identify the signers). This significantly reduces the required trust in the linking authority. Moreover, we extend the model of group signatures to cover the feature of verifiable controllable linkability.
Original languageEnglish
Title of host publicationTopics in Cryptology - CT-RSA 2016 - The Cryptographer's Track at the RSA Conference 2016, San Francisco, CA, USA, 2016. Proceedings.
PublisherSpringer Verlag
Pages127-143
Volume9610
EditionLNCS
DOIs
Publication statusPublished - 2016
EventTopics in Cryptology – The Cryptographer's Track at the RSA Conference 2016: CT-RSA 2016 - San Francisco, United States
Duration: 29 Feb 20164 Mar 2016

Conference

ConferenceTopics in Cryptology – The Cryptographer's Track at the RSA Conference 2016
Country/TerritoryUnited States
CitySan Francisco
Period29/02/164/03/16

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Theoretical

Fingerprint

Dive into the research topics of 'Non-Interactive Plaintext (In-)Equality Proofs and Group Signatures with Verifiable Controllable Linkability'. Together they form a unique fingerprint.

Cite this