Weakly Secure Equivalence-Class Signatures from Standard Assumptions

@inproceedings{Fuchsbauer2018WeaklySE,
  title={Weakly Secure Equivalence-Class Signatures from Standard Assumptions},
  author={Georg Fuchsbauer and Romain Gay},
  booktitle={Public Key Cryptography},
  year={2018}
}
Structure-preserving signatures on equivalence classes, or equivalence-class signatures for short (EQS), are signature schemes defined over bilinear groups whose messages are vectors of group elements. Signatures are perfectly randomizable and given a signature on a vector, anyone can derive a signature on any multiple of the vector; EQS thus sign projective equivalence classes. Applications of EQS include the first constant-size anonymous attribute-based credentials, efficient round-optimal… 
Structure-Preserving Signatures on Equivalence Classes From Standard Assumptions
Structure-preserving signatures on equivalence classes (SPS-EQ) introduced at ASIACRYPT 2014 are a variant of SPS where a message is considered as a projective equivalence class, and a new
Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials
TLDR
The ABC system is the first credential system whose bandwidth required for credential showing is independent of the number of its attributes, i.e., constant-size, and strengthened game-based security definitions for ABC are proposed and proved.
Signatures with Flexible Public Key: A Unified Approach to Privacy-Preserving Signatures (Full Version)
TLDR
A new cryptographic primitive called signatures with flexible public key, which allows the straightforward implementation of so-called stealth addresses and combines with structure-preserving signatures on equivalence classes (SPS-EQ) to construct static group signatures and self-blindable certificates.
Signatures with Flexible Public Key: Introducing Equivalence Classes for Public Keys
TLDR
A new cryptographic primitive called signatures with flexible public key with complementary definitions is introduced, motivated by structure-preserving signatures on equivalence classes (\(\mathsf{SPS\text {-}EQ}\)), where the partitioning is done on the message space.
Improved Constructions of Anonymous Credentials From Structure-Preserving Signatures on Equivalence Classes
TLDR
Instantiating in the CRS model, an efficient credential system, anonymous under malicious organization keys, with increased expressiveness and privacy, proven secure in the standard model is obtained.
Efficient Signatures on Randomizable Ciphertexts
TLDR
The unforgeability notion for SoRC is strengthened and a scheme that provably achieves it in the generic group model is given, which is considerably more efficient than prior schemes.
Mercurial Signatures for Variable-Length Messages
TLDR
This paper provides an interactive signing protocol that admits messages of any length and proves its scheme existentially unforgeable under chosen open message attacks (EUF-CoMA) under a variant of the asymmetric bilinear decisional Diffie-Hellman assumption (ABDDH).
Membership Privacy for Fully Dynamic Group Signatures
TLDR
This work proposes a generic construction for a fully dynamic group signature scheme with membership privacy that is based on signatures with flexible public key and signatures on equivalence classes (SPSEQ), and devise novel techniques for SFPK to construct a highly efficient standard model scheme.
Highly-Efficient Fully-Anonymous Dynamic Group Signatures
TLDR
A novel, generic approach to construct dynamic group signature schemes, being provably secure in the BSZ model and particularly suitable for resource-constrained devices and a rigorous comparison with existing schemes that highlights the benefits of the scheme.
Efficient Invisible and Unlinkable Sanitizable Signatures
TLDR
This work constructs (non-accountable) invisible and unlinkable sanitizable signatures from signatures on equivalence classes and other basic primitives and puts forth a generic transformation using verifiable ring signatures to turn any non- accountable sanitized signature into an accountable one while preserving all other properties.
...
...

References

SHOWING 1-10 OF 46 REFERENCES
Separating Short Structure-Preserving Signatures from Non-interactive Assumptions
TLDR
It is proved that optimally short structure preserving signatures cannot have a security proof by an algebraic reduction that reduces existential unforgeability against adaptive chosen message attacks to any non-interactive assumptions.
Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials
TLDR
The ABC system is the first credential system whose bandwidth required for credential showing is independent of the number of its attributes, i.e., constant-size, and strengthened game-based security definitions for ABC are proposed and proved.
Structure-Preserving Signatures on Equivalence Classes and their Application to Anonymous Credentials
TLDR
This paper introduces a new type of structure-preserving signatures, which allows to sign group element vectors and to consistently randomize signatures and messages without knowledge of any secret.
Structure-Preserving Signatures from Standard Assumptions, Revisited
TLDR
This work presents new, simple and improved SPS constructions under standard assumptions via a conceptually different approach that significantly narrow the gap between existing constructions from standard assumptions and optimal schemes in the generic group model.
Short Group Signatures
TLDR
This work constructs a short group signature scheme based on the Strong Diffie-Hellman assumption and a new assumption in bilinear groups called the Decision Linear assumption, and proves security of the system, in the random oracle model, using a variant of the security definition for group signatures recently given.
Signature Schemes and Anonymous Credentials from Bilinear Maps
TLDR
This work proposes a new and efficient signature scheme that is provably secure in the plain model and provides efficient protocols that allow one to prove in zero-knowledge the knowledge of a signature on a committed (or encrypted) message and to obtain a signatureon a committed message.
Optimal Structure-Preserving Signatures in Asymmetric Bilinear Groups
TLDR
This work uses the generic group model to prove a lower bound on the complexity of digital signature schemes and gives constructions of structure-preserving signatures that consist of 3 group elements only.
Fully Structure-Preserving Signatures and Shrinking Commitments
TLDR
This paper introduces fully structure-preserving signature schemes, with the additional requirement that even secret keys should be group elements, and argues that a relaxed binding property lets us circumvent the impossibility result while still retaining the usefulness of the primitive in important applications.
(Hierarchical) Identity-Based Encryption from Affine Message Authentication
TLDR
This work provides a generic transformation from any affine message authentication code (MAC) to an identity-based encryption (IBE) scheme over pairing groups of prime order and shows how to construct affine MACs with a tight security reduction to standard assumptions, providing the first tightly secure IBE in the standard model.
Improved Structure Preserving Signatures Under Standard Bilinear Assumptions
TLDR
This work shows that the recent structure-preserving signature SPS scheme of Kiltz et al.
...
...