IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508
Special Section on Discrete Mathematics and Its Applications
Group Signature with Deniability: How to Disavow a Signature
Ai ISHIDAKeita EMURAGoichiro HANAOKAYusuke SAKAIKeisuke TANAKA
Author information
JOURNALS RESTRICTED ACCESS

2017 Volume E100.A Issue 9 Pages 1825-1837

Details
Abstract

Group signatures are a class of digital signatures with enhanced privacy. By using this type of signature, a user can sign a message on behalf of a specific group without revealing his identity, but in the case of a dispute, an authority can expose the identity of the signer. However, it is not always the case that we need to know the specific identity of a signature. In this paper, we propose the notion of deniable group signatures, where the authority can issue a proof showing that the specified user is NOT the signer of a signature, without revealing the actual signer. We point out that existing efficient non-interactive zero-knowledge proof systems cannot be straightforwardly applied to prove such a statement. We circumvent this problem by giving a fairly practical construction through extending the Groth group signature scheme (ASIACRYPT 2007). In particular, a denial proof in our scheme consists of 96 group elements, which is about twice the size of a signature in the Groth scheme. The proposed scheme is provably secure under the same assumptions as those of the Groth scheme.

Information related to the author
© 2017 The Institute of Electronics, Information and Communication Engineers
Previous article Next article
feedback
Top