Blockchain technology provides transparency and reliability by sharing transactions and maintaining the same information through consensus among all participants. However, single-signature applications in transactions can lead to user identification issues due to the reuse of public keys. To address this issue, group signatures can be used, where the same group public key is used to verify signatures from group members to provide anonymity to users. However, in dynamic groups where membership may change, an attack can occur where a user who has left the group can disguise themselves as a group member by leaking a partial key. This problem cannot be traced back to the partial key leaker. In this paper, we propose assigning different partial keys to group members to trace partial key leakers and partially alleviate the damage caused by partial key leaks. Existing schemes have shown that arbitrary tracing issues occurred when a single administrator had exclusive key generation and tracing authority. This paper proposes a group signature scheme that solves the synchronization problem by involving a threshold number of TMs while preventing arbitrary tracing by distributing authority among multiple TMs.
Vehicular ad hoc networks (VANETs) have recently received significant attention in improving traffic safety and efficiency. However, communication trust and user privacy still present practical concerns to the deployment of VANETs, as many existing authentication protocols for VANETs either suffer from the heavy workload of downloading the latest revocation list from a remote authority or cannot allow drivers on the road to decide the trustworthiness of a message when the authentication on messages is anonymous. In this paper, to cope with these challenging concerns, we propose a new authentication protocol for VANETs in a decentralized group model by using a new group signature scheme. With the assistance of the new group signature scheme, the proposed authentication protocol is featured with threshold authentication, efficient revocation, unforgeability, anonymity, and traceability. In addition, the assisting group signature scheme may also be of independent interest, as it is characterized by efficient traceability and message linkability at the same time. Extensive analyses indicate that our proposed threshold anonymous authentication protocol is secure, and the verification of messages among vehicles can be accelerated by using batch message processing techniques.
We propose a group signature scheme with a function of designated traceability; each opener has attributes, and a signer of a group signature can be traced by only the openers whose attributes satisfy the boolean formula designated by the signer. We describe syntax and security definitions of the scheme. Then we give a generic construction of the scheme by employing a ciphertext-policy attribute-based encryption scheme.
The Industrial Internet of Things (IIoT), which introduces Internet of Things (IoT) technology into industrial environments, is beneficial for constructing smart factories. It utilizes various sensors to collect the data of industrial devices. These data are analyzed to improve the manufacturing efficiency and product quality. Cloud storage provides a solution for storing outsourced data, especially for sensors that have limited local storage and computational capacity. To preserve the privacy of devices, the collected data should be stored in the form of ciphertext. Therefore, encrypted data sharing should be implemented to analyze the devices' data. In this article, the cloud storage solution for sensors is considered. To achieve secure and efficient data storage and sharing, a novel group signature scheme, which has less computation overhead and communication overhead, is first designed to realize anonymous authentication. Then, a novel blockchain-based cloud storage protocol for sensors in IIoT is constructed on the basis of the proposed group signature scheme. Smart contracts and proxy re-encryption are utilized in this protocol to realize secure data sharing with less computational overhead. Furthermore, security proofs and performance evaluations demonstrate that this protocol is secure, privacy-preserving, and has at least 40% and 20% performance improvement in the data storage and sharing phases, respectively.
In large-scale Internet of Things (IoT) systems, huge volumes of data are collected from anywhere at any time, which may invade people’s privacy, especially when the systems are used in medical or daily living environments. Preserving privacy is an important issue, and higher privacy demands usually tend to require weaker identity. However, previous research has indicated that strong security tends to demand strong identity, especially in authentication processes. Thus, defining a good tradeoff between privacy and security remains a challenging problem. This motivates us to develop a privacy-preserving and accountable authentication protocol for IoT end-devices with weaker identity, which integrates an adapted construction of short group signatures and Shamir’s secret sharing scheme. We analyze the security properties of our protocol in the context of six typical attacks and verify the formal security using the ProVerif tool. Experiments using our implementation on MacBook Pro and Intel Edison development platforms show that our authentication protocol is feasible in practice.
• We present security, privacy-preserving, accountability, efficiency and dynamic removal requirements for the authentication framework of IoT end-devices with weaker identity.
• We use a short group signature scheme to design a privacy-preserving and accountable authentication protocol for IoT end-devices with weaker identity.
• We present a security analysis of our protocol in the context of six typical attacks.
• We implement our protocol on the Intel Edison platform.
Code-based group signatures have been an important research topic in recent years. Since the pioneering work by Alamélou et al. (WCC 2015), several other schemes have been proposed to provide improvements in security, efficiency and functionality. However, most existing constructions work only in the static setting where the group population is fixed at the setup phase. Only a few schemes address the partially dynamic setting, which can realize only one of user enrollment or revocation.
In this work, we provide an efficient code-based fully dynamic group signature (FDGS) scheme, i.e., users have flexibility when joining and leaving the group. Specifically, to upgrade the scheme into a fully dynamic group signature, we first add a dynamic ingredient into the static 2-RNSD Merkle-tree accumulator (ASIACRYPT 2019), then create a simple rule and utilize the Stern-like zero-knowledge protocol to handle user enrollment and revocation efficiently (i.e., without resetting the whole tree). Moreover, our solution is the first exploration of code-based FDGS with constant signature size.
The dynamic universal accumulator is a crucial cryptographic primitive. This type of accumulator can provide a succinct witness for a member (resp. nonmember) in order to show whether such a member (resp. nonmember) is accumulated in a set, and supports deleting and adding operations on the accumulated set, as well as updating the existing witnesses. In recent years, lattice-based accumulators have attracted increasing attention with the advent of quantum computing. However, none of the existing lattice-based accumulators is both universal and dynamic. Therefore, in this work, we first design a lattice-based dynamic universal accumulator scheme with undeniability and indistinguishability. We then construct a Stern-like zero-knowledge argument protocol for a fresh relation to show that this accumulator supports set membership proofs. Moreover, we use this accumulator and the protocol to construct a fully dynamic group signature with stateless updates from lattices, holding traceability and full anonymity. Furthermore, we give an implementation of our accumulator scheme, and the experimental results show that the update algorithms in this scheme have good practicability.
• We design the first lattice-based dynamic universal accumulator with undeniability.
• We implement the accumulator scheme and give an application in other fields.
• We construct a fully dynamic group signature scheme with stateless updates from lattices.
The advent of cloud computing has made storage outsourcing a rising trend, which has made secure remote data auditing a hot topic in the research literature. Recently, some research has considered the problem of secure and efficient public data integrity auditing for shared dynamic data. However, these schemes are still not secure against the collusion of the cloud storage server and revoked group users during user revocation in a practical cloud storage system. In this paper, we identify the collusion attack in the existing scheme and provide an efficient public integrity auditing scheme with secure group user revocation based on vector commitment and verifier-local revocation group signature. We design a concrete scheme based on our scheme definition. Our scheme supports public checking and efficient user revocation, as well as some nice properties, such as confidentiality, efficiency, countability and traceability of secure group user revocation. Finally, the security and experimental analysis show that, compared with its relevant schemes, our scheme is also secure and efficient.